A Detection Android Cybercrime Model utilizing Machine Learning Technology
Received: 9 March 2024 | Revised: 28 March 2024 | Accepted: 30 March 2024 | Online: 7 June 2024
Corresponding author: Fahad M. Ghabban
Abstract
The present study developed a Detection Android cybercrime Model (DACM), deploying the design science approach to detect different Android-related cybercrimes. The developed model consists of five stages: problem identification and data collection, data preprocessing and feature extraction, model selection and training, model evaluation and validation, and model deployment and monitoring. Compared to the existing cybercrime detection models on the Android, the developed DACM is comprehensive and covers all the existing detection phases. It provides a robust and effective way to spot cybercrime in the Android ecosystem by following Machine Learning (ML) technology. The model covers all the detection stages that are normally included in similar models, so it provides an integrated and holistic approach to combating cybercrime.
Keywords:
detection model, machine learning, Android system, design science approachDownloads
References
F. Alotaibi, A. Al-Dhaqm, and Y. D. Al-Otaibi, "A Conceptual Digital Forensic Investigation Model Applicable to the Drone Forensics Field," Engineering, Technology & Applied Science Research, vol. 13, no. 5, pp. 11608–11615, Oct. 2023.
P. Weichbroth and Ł. Łysik, "Mobile Security: Threats and Best Practices," Mobile Information Systems, vol. 2020, Dec. 2020, Art. no. e8828078.
C. Li, K. Mills, D. Niu, R. Zhu, H. Zhang, and H. Kinawi, "Android Malware Detection Based on Factorization Machine," IEEE Access, vol. 7, pp. 184008–184019, 2019.
E. C. Bayazit, O. Koray Sahingoz, and B. Dogan, "Malware Detection in Android Systems with Traditional Machine Learning Models: A Survey," in International Congress on Human-Computer Interaction, Optimization and Robotic Applications, Ankara, Turkey, Jun. 2020, pp. 1–8.
N. I. Che Mat, N. Jamil, Y. Yusoff, and M. L. Mat Kiah, "A systematic literature review on advanced persistent threat behaviors and its detection strategy," Journal of Cybersecurity, vol. 10, no. 1, Jan. 2024, Art. no. tyad023.
I. H. Sarker, "Machine Learning for Intelligent Data Analysis and Automation in Cybersecurity: Current and Future Prospects," Annals of Data Science, vol. 10, no. 6, pp. 1473–1498, Dec. 2023.
A. S. Alraddadi, "A Survey and a Credit Card Fraud Detection and Prevention Model using the Decision Tree Algorithm," Engineering, Technology & Applied Science Research, vol. 13, no. 4, pp. 11505–11510, Aug. 2023.
A. Alshammari, "A Novel Security Framework to Mitigate and Avoid Unexpected Security Threats in Saudi Arabia," Engineering, Technology & Applied Science Research, vol. 13, no. 4, pp. 11445–11450, Aug. 2023.
S. Y. Yerima, S. Sezer, and I. Muttik, "High accuracy android malware detection using ensemble learning," IET Information Security, vol. 9, no. 6, pp. 313–320, 2015.
K. Wagstaff, "Machine Learning that Matters." arXiv, Jun. 18, 2012.
O. V. Lee et al., "A malicious URLs detection system using optimization and machine learning classifiers," Indonesian Journal of Electrical Engineering and Computer Science, vol. 17, no. 3, pp. 1210–1214, Mar. 2020.
N. S. Zaini et al., "Phishing detection system using machine learning classifiers," Indonesian Journal of Electrical Engineering and Computer Science, vol. 17, no. 3, pp. 1165–1171, 2019.
D. Abel, A. Barreto, B. Van Roy, D. Precup, H. P. van Hasselt, and S. Singh, "A Definition of Continual Reinforcement Learning," Advances in Neural Information Processing Systems, vol. 36, pp. 50377–50407, Dec. 2023.
A. Al-Dhaqm, S. A. Razak, S. H. Othman, A. Nagdi, and A. Ali, "A generic database forensic investigation process model," Jurnal Teknologi, vol. 78, no. 6–11, pp. 45–57, Jun. 2016.
A. A. Alhussan, A. Al-Dhaqm, W. M. S. Yafooz, A.-H. M. Emara, S. Bin Abd Razak, and D. S. Khafaga, "A Unified Forensic Model Applicable to the Database Forensics Field," Electronics, vol. 11, no. 9, Jan. 2022, Art. no. 1347.
H. R. Sandeep, "Static Analysis of Android Malware Detection using Deep Learning," in International Conference on Intelligent Computing and Control Systems, Madurai, India, Dec. 2019, pp. 841–845.
M. Takaoglu and C. Ozer, "Saldiri Tespit Sistemlerine Makine Ogrenme Etkisi," Uluslararası Yonetim Bilisim Sistemleri ve Bilgisayar Bilimleri Dergisi, vol. 3, no. 1, pp. 11–22, Jun. 2019.
A. Al-Dhaqm, W. M. S. Yafooz, S. H. Othman, and A. Ali, "Database Forensics Field and Children Crimes," in Kids Cybersecurity Using Computational Intelligence Techniques, W. M. S. Yafooz, H. Al-Aqrabi, A. Al-Dhaqm, and A. Emara, Eds. New York, NY, USA: Springer, 2023, pp. 81–92.
M. Q. Mohammed et al., "Deep Reinforcement Learning-Based Robotic Grasping in Clutter and Occlusion," Sustainability, vol. 13, no. 24, Jan. 2021, Art. no. 13686.
W. M. S. Yafooz, A. Al-Dhaqm, and A. Alsaeedi, "Detecting Kids Cyberbullying Using Transfer Learning Approach: Transformer Fine-Tuning Models," in Kids Cybersecurity Using Computational Intelligence Techniques, W. M. S. Yafooz, H. Al-Aqrabi, A. Al-Dhaqm, and A. Emara, Eds. New York, NY, USA: Springer, 2023, pp. 255–267.
I. U. Onwuegbuzie, S. A. Razak, I. F. Isnin, A. Al-dhaqm, and N. B. Anuar, "Prioritized Shortest Path Computation Mechanism (PSPCM) for wireless sensor networks," PLOS ONE, vol. 17, no. 3, Mar. 2022, Art. no. e0264683.
A. Al-dhaqm, M. Bakhtiari, E. Alobaidi, and A. Saleh, "Studding and Analyzing Wireless Networks Access points," International Journal of Scientific & Engineering Research, vol. 4, no. 1, pp. 1–8, 2013.
R. Al-Mugerrn, A. Al-Dhaqm, and S. H. Othman, "A Metamodeling Approach for Structuring and Organizing Cloud Forensics Domain," in International Conference on Smart Computing and Application, Hail, Saudi Arabia, Feb. 2023, pp. 1–5.
A. A. Zubair et al., "A Cloud Computing-Based Modified Symbiotic Organisms Search Algorithm (AI) for Optimal Task Scheduling," Sensors, vol. 22, no. 4, Jan. 2022, Art. no. 1674.
B. E. Sabir, M. Youssfi, O. Bouattane, and H. Allali, "Towards a New Model to Secure IoT-based Smart Home Mobile Agents using Blockchain Technology," Engineering, Technology & Applied Science Research, vol. 10, no. 2, pp. 5441–5447, Apr. 2020.
M. Saleh et al., "A Metamodeling Approach for IoT Forensic Investigation," Electronics, vol. 12, no. 3, Jan. 2023, Art. no. 524.
A. E. Yahya, A. Gharbi, W. M. S. Yafooz, and A. Al-Dhaqm, "A Novel Hybrid Deep Learning Model for Detecting and Classifying Non-Functional Requirements of Mobile Apps Issues," Electronics, vol. 12, no. 5, Jan. 2023, Art. no. 1258.
K. N. Qureshi et al., "A Blockchain-Based Efficient, Secure and Anonymous Conditional Privacy-Preserving and Authentication Scheme for the Internet of Vehicles," Applied Sciences, vol. 12, no. 1, Jan. 2022, Art. no. 476.
A. M. R. Al-dhaqm and Md. A. Nagdi, "Detection and Prevention of Malicious Activities on RDBMS Relational Database Management Systems," International Journal of Scientific & Engineering Research, vol. 3, no. 9, Sep 12, [Online]. Available: https://www.ijser.org/paper/Detection-and-Prevention-of-Malicious-Activities-on-RDBMS-Relational-Database-Management-Systems.html.
I. U. Onwuegbuzie, S. A. Razak, I. F. Isnin, T. S. J. Darwish, and A. Al-dhaqm, "Optimized backoff scheme for prioritized data in wireless sensor networks: A class of service approach," PLOS ONE, vol. 15, no. 8, Jul. 2020, Art. no. e0237154.
S. Abd Razak, N. H. Mohd Nazari, and A. Al-Dhaqm, "Data Anonymization Using Pseudonym System to Preserve Data Privacy," IEEE Access, vol. 8, pp. 43256–43264, 2020.
W. A. H. Altowayti et al., "The Role of Conventional Methods and Artificial Intelligence in the Wastewater Treatment: A Comprehensive Review," Processes, vol. 10, no. 9, Sep. 2022, Art. no. 1832.
M. Rasool, N. A. Ismail, A. Al-Dhaqm, W. M. S. Yafooz, and A. Alsaeedi, "A Novel Approach for Classifying Brain Tumours Combining a SqueezeNet Model with SVM and Fine-Tuning," Electronics, vol. 12, no. 1, Jan. 2023, Art. no. 149.
M. Q. Mohammed et al., "Review of Learning-Based Robotic Manipulation in Cluttered Environments," Sensors, vol. 22, no. 20, Jan. 2022, Art. no. 7938.
I. U. Onwuegbuzie, S. A. Razak, and A. Al-Dhaqm, "Multi-Sink Load-Balancing Mechanism for Wireless Sensor Networks," in IEEE International Conference on Computing, Kuala Lumpur, Malaysia, Nov. 2021, pp. 140–145.
D. M. Bakhtiari and A. M. R. Al-dhaqm, "Mechanisms to Prevent lose Data," International Journal of Scientific & Engineering Research, vol. 3, no. 12, pp. 1–4, 2012.
H. Ahmetoglu and R. Das, "Derin Ogrenme ile Buyuk Veri Kumelerinden Saldiri Turlerinin Siniflandirilmasi," in International Artificial Intelligence and Data Processing Symposium, Malatya, Turkey, Sep. 2019, pp. 1–9.
A. H. Lashkari, A. F. A. Kadir, L. Taheri, and A. A. Ghorbani, "Toward Developing a Systematic Approach to Generate Benchmark Android Malware Datasets and Classification," in International Carnahan Conference on Security Technology, Montreal, QC, Canada, Oct. 2018, pp. 1–7.
R. Vinayakumar, K. P. Soman, P. Poornachandran, and S. Sachin Kumar, "Detecting Android malware using Long Short-term Memory (LSTM)," Journal of Intelligent & Fuzzy Systems, vol. 34, no. 3, pp. 1277–1288, Jan. 2018.
R. S. Arslan, I. A. Dogru, and N. Barisci, "Permission-Based Malware Detection System for Android Using Machine Learning Techniques," International Journal of Software Engineering and Knowledge Engineering, vol. 29, no. 1, pp. 43–61, Jan. 2019.
A. Feizollah, N. B. Anuar, R. Salleh, G. Suarez-Tangil, and S. Furnell, "AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection," Computers & Security, vol. 65, pp. 121–134, Mar. 2017.
R. Feng et al., "MobiDroid: A Performance-Sensitive Malware Detection System on Mobile Platform," in 24th International Conference on Engineering of Complex Computer Systems, Guangzhou, China, Nov. 2019, pp. 61–70.
S. Sharma, C. R. Krishna, and R. Kumar, "Android Ransomware Detection using Machine Learning Techniques: A Comparative Analysis on GPU and CPU," in 21st International Arab Conference on Information Technology, Giza, Egypt, Nov. 2020, pp. 1–6.
H. A. Al-Ofeishat, "Enhancing Android Security: Network-Driven Machine Learning Approach For Malware Detection," Journal of Theoretical and Applied Information Technology, vol. 102, no. 2, pp. 737–750, 2024.
K. Shaukat, S. Luo, and V. Varadharajan, "A novel machine learning approach for detecting first-time-appeared malware," Engineering Applications of Artificial Intelligence, vol. 131, May 2024, Art. no. 107801.
Z. Liu, R. Wang, N. Japkowicz, H. M. Gomes, B. Peng, and W. Zhang, "SeGDroid: An Android malware detection method based on sensitive function call graph learning," Expert Systems with Applications, vol. 235, Jan. 2024, Art. no. 121125.
S. Y. Yerima, S. Sezer, and I. Muttik, "Android Malware Detection Using Parallel Machine Learning Classifiers," in Eighth International Conference on Next Generation Mobile Apps, Services and Technologies, Oxford, UK, Sep. 2014, pp. 37–42.
B. Rashidi, C. Fung, and E. Bertino, "Android malicious application detection using support vector machine and active learning," in 13th International Conference on Network and Service Management, Tokyo, Japan, Nov. 2017, pp. 1–9.
D. Ucci, L. Aniello, and R. Baldoni, "Survey of machine learning techniques for malware analysis," Computers & Security, vol. 81, pp. 123–147, Mar. 2019.
N. Milosevic, A. Dehghantanha, and K.-K. R. Choo, "Machine learning aided Android malware classification," Computers & Electrical Engineering, vol. 61, pp. 266–274, Jul. 2017.
S. Y. Yerima and S. Sezer, "DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection," IEEE Transactions on Cybernetics, vol. 49, no. 2, pp. 453–466, Oct. 2019.
S. Hahn, M. Protsenko, and T. Müller, "Comparative evaluation of machine learning-based malware detection on android.," in Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit, 2016, pp. 79–88, [Online]. Available: https://dl.gi.de/items/c8d84289-435d-413a-affc-abc26ff184eb.
M. Lindorfer, M. Neugschwandtner, and C. Platzer, "MARVIN: Efficient and Comprehensive Mobile App Classification through Static and Dynamic Analysis," in 39th Annual Computer Software and Applications Conference, Taichung, Taiwan, Jul. 2015, vol. 2, pp. 422–433.
F. M. Alotaibi, A. Al-Dhaqm, W. M. S. Yafooz, and Y. D. Al-Otaibi, "A Novel Administration Model for Managing and Organising the Heterogeneous Information Security Policy Field," Applied Sciences, vol. 13, no. 17, Jan. 2023, Art. no. 9703.
A. Al-Dhaqm et al., "Categorization and Organization of Database Forensic Investigation Processes," IEEE Access, vol. 8, pp. 112846–112858, 2020.
P. U. Chinedu, W. Nwankwo, F. U. Masajuwa, and S. Imoisi, "Cybercrime Detection and Prevention Efforts in the Last Decade: An Overview of the Possibilities of Machine Learning Models," Rigeo, vol. 11, no. 7, pp. 956–974, Aug. 2021.
S. Sharma, C. R. Krishna, and R. Kumar, "RansomDroid: Forensic analysis and detection of Android Ransomware using unsupervised machine learning technique," Forensic Science International: Digital Investigation, vol. 37, Jun. 2021, Art. no. 301168.
M. S. Hossain and M. H. Riaz, "Android Malware Detection System: A Machine Learning and Deep Learning Based Multilayered Approach," in International Conference on Intelligent Computing & Optimization, Hua Hin, Thailand, Oct. 2022, pp. 277–287.
L. Taheri, A. F. A. Kadir, and A. H. Lashkari, "Extensible Android Malware Detection and Family Classification Using Network-Flows and API-Calls," in International Carnahan Conference on Security Technology, Chennai, India, Oct. 2019, pp. 1–8.
Downloads
How to Cite
License
Copyright (c) 2024 Fahad Gaban
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.
