Abstract
A huge increase in the amount of mobile malware poses a serious threat to Internet security as the adoption rate of mobile devices, especially Android devices, soars. A variety of research has been carried out to defend against malware, but mobile device users continue to suffer private information leaks or economic losses from malware. Recently, a large number of methods have been proposed that combine static or dynamic feature analysis with machine learning, and these are considered effective for detecting malware on mobile devices. In this paper, we propose an effective framework to detect malware on Android devices based on feature extraction and a neural network classifier. In this framework, we use static features to represent malware and use the extreme learning machine (ELM) algorithm to train the neural network. We first extract features from the malware, and then apply three different feature extraction methods, principal component analysis (PCA), the Karhunen-Loève transform (KLT) and independent component analysis (ICA), to transform the feature matrix into new feature spaces and generate three new feature matrices. For each feature matrix, we construct En base classifiers using ELM. Finally, we use the Stacking method to combine the results. Experimental results suggest that the proposed framework is effective in detecting malware on Android devices.
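The pipeline the abstract describes, as an added example that is not the authors' code: it uses only the PCA feature space (KLT and ICA are omitted), a constructed synthetic feature matrix in place of real static features, and a least-squares meta-learner for the Stacking step. The hidden-layer size, ridge term, number of base classifiers and data split are assumptions.

```python
import numpy as np

def pca_fit(X, k):
    """Return (mean, projection) onto the top-k principal axes of X."""
    mu = X.mean(axis=0)
    _, _, vt = np.linalg.svd(X - mu, full_matrices=False)
    return mu, vt[:k].T

class ELM:
    """Single hidden layer: random fixed input weights, closed-form output weights."""
    def __init__(self, n_hidden, seed, ridge=1e-2):
        self.n_hidden, self.ridge = n_hidden, ridge
        self.rng = np.random.default_rng(seed)

    def _hidden(self, X):
        return 1.0 / (1.0 + np.exp(-(X @ self.W + self.b)))

    def fit(self, X, y):
        self.W = self.rng.normal(size=(X.shape[1], self.n_hidden))
        self.b = self.rng.normal(size=self.n_hidden)
        H = self._hidden(X)
        # Ridge-regularised least squares replaces iterative backpropagation.
        A = H.T @ H + self.ridge * np.eye(self.n_hidden)
        self.beta = np.linalg.solve(A, H.T @ y)
        return self

    def predict_score(self, X):
        return self._hidden(X) @ self.beta

def make_dataset(n, rng):
    """Constructed data: 30 binary static features, 8 of them frequent in 'malware'."""
    y = rng.integers(0, 2, size=n)
    p = np.full((n, 30), 0.2)
    p[y == 1, :8] = 0.8
    return (rng.random((n, 30)) < p).astype(float), y.astype(float)

def run_pipeline(seed=0, n_base=5, k=10):
    rng = np.random.default_rng(seed)
    X, y = make_dataset(600, rng)
    Xb, yb, Xm, ym, Xt, yt = X[:300], y[:300], X[300:450], y[300:450], X[450:], y[450:]
    mu, P = pca_fit(Xb, k)  # fitted on the base-training split only
    proj = lambda A: (A - mu) @ P
    bases = [ELM(40, seed=100 + i).fit(proj(Xb), yb) for i in range(n_base)]
    level1 = lambda A: np.column_stack(
        [m.predict_score(proj(A)) for m in bases] + [np.ones(len(A))])
    # Stacking: the meta-learner is fitted on base outputs for samples the bases never saw.
    w, *_ = np.linalg.lstsq(level1(Xm), ym, rcond=None)
    pred = (level1(Xt) @ w) > 0.5
    return float((pred == (yt == 1)).mean())

if __name__ == "__main__":
    print(f"held-out accuracy: {run_pipeline():.3f}")
```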
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Zhang, W., Ren, H., Jiang, Q., Zhang, K. (2015). Exploring Feature Extraction and ELM in Malware Detection for Android Devices. In: Hu, X., Xia, Y., Zhang, Y., Zhao, D. (eds) Advances in Neural Networks – ISNN 2015. ISNN 2015. Lecture Notes in Computer Science, vol 9377. Springer, Cham. https://doi.org/10.1007/978-3-319-25393-0_54
DOI: https://doi.org/10.1007/978-3-319-25393-0_54
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25392-3
Online ISBN: 978-3-319-25393-0
eBook Packages: Computer Science (R0)