Abstract
The Android system has gained the highest market share in the mobile ecosystem due to its openness and portability. However, users have been suffering from serious security issues in recent years. Many malicious Android applications are released in popular app stores, and it is hard to distinguish them. Most current malware detection research focuses on collecting as many features as possible for better performance instead of mining the information inside simple features. Scaling is an effective means of improving classification results, but scaling the features for a large bundle of apps remains challenging. In this paper, we propose a Machine Learning (ML) based malware detection method, named Permission Feature Selection (PFS), that uses permission usage analysis to cope with the rapid increase in the number of Android malware. PFS uses Android permissions as a classification feature with high utilization. The method greatly shortens the time cost of detection without reducing the detection accuracy and makes it possible to scan large-scale samples in a short time. In addition, various experiments were designed on real-world datasets to verify the reliability of the method. The evaluation results show that the proposed method performs better than other feature scaling methods, with 91.2% accuracy and the average time cost reduced to less than 2 s.
This work was supported by the National Key Research and Development Program of China-the Key Technologies for High Security Mobile Terminals (Grant No. 2017YFB0801903), and the Youth Star project of the Institute of Information Engineering, CAS (No. Y8YS016104).
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhu, D., Xi, T. (2019). Permission-Based Feature Scaling Method for Lightweight Android Malware Detection. In: Douligeris, C., Karagiannis, D., Apostolou, D. (eds) Knowledge Science, Engineering and Management. KSEM 2019. Lecture Notes in Computer Science, vol 11775. Springer, Cham. https://doi.org/10.1007/978-3-030-29551-6_63
DOI: https://doi.org/10.1007/978-3-030-29551-6_63
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29550-9
Online ISBN: 978-3-030-29551-6
eBook Packages: Computer Science, Computer Science (R0)