Leveraging Machine Learning for Android Malware Analysis: Insights from Static and Dynamic Techniques
Received: 25 April 2024 | Revised: 4 May 2024 | Accepted: 17 May 2024 | Online: 2 August 2024
Corresponding author: Mohd Anul Haq
Abstract
In this study, the domain of Android malware detection was explored with a specific focus on leveraging the potential of Machine Learning (ML). At the time of this study, Android had firmly established its dominance in the mobile landscape and IoT devices, necessitating a concerted effort to fortify its security against emerging malware threats. Static analysis methods were scrutinized as vital sources of feature extraction for ML, while dynamic analysis methods were employed to analyze the behavior of applications in real or simulated environments. Additionally, a hybrid method, combining both static and dynamic analyses, was investigated. The study evaluated four ML models: XGBoost, Random Forest (RF), Support Vector Machine (SVM), and Decision Tree (DT), revealing compelling insights into their performance metrics. Notably, RF achieved the highest accuracy of 0.99, closely followed by SVM with an accuracy of 0.96. These results underscore the potential effectiveness of ML techniques in bolstering Android malware detection and mitigating security risks. As the research progressed, it underscored the latent power of integrating ML into the framework of Android malware analysis. With an eye towards the future, the overarching goal was to empower enhanced security measures and foster a resilient mobile ecosystem through the insights gleaned from this investigation.
Keywords:
malware, ML, static and dynamic modeling, hyperparameter tuning, cross-validation, IoT
License
Copyright (c) 2024 Mohd Anul Haq, Majed Khuthaylah
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.