Skip to main content
SpringerLink
Log in

Mobile Malware Detection - An Analysis of the Impact of Feature Categories

  • Conference paper
  • First Online:
Neural Information Processing (ICONIP 2018)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 11304))

Included in the following conference series:

Abstract

The use of smartphones and hand-held devices continues to increase with rapid development in underlying technology and widespread deployment of numerous applications including social network, email and financial transactions. Inevitably, malware attacks are shifting towards these devices. To detect mobile malware, features representing the characteristics of applications play a crucial role. In this work, we systematically studied the impact of all categories of features (i.e., permission, application programmers interface calls, inter component communication and dynamic features) of android applications in classifying a malware from benign applications. We identified the best combination of feature categories that yield better performance in terms of widely used metrics than blindly using all feature categories. We proposed a new technique to include contextual information in API calls into feature values and the study reveals that embedding such information enhances malware detection capability by a good margin. Information gain analysis shows that a significant number of features in ICC category is not relevant to malware prediction and hence, least effective. This study will be useful in designing better mobile malware detection system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://archive.org/details/android_apps.

References

  1. Number of Smartphone Users Worldwide. https://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide/. Accessed 16 Nov 2017

  2. Number of Android Devices. https://www.macrumors.com/2017/05/17/2-billion-active-android-devices/. Accessed 16 Nov 2017

  3. Alzaylaee, M.K., Yerima, S.Y., Sezer, S.: Emulator vs real phone: android malware detection using machine learning. In: Proceedings of the 3rd ACM on International Workshop on Security and Privacy Analytics, pp. 65–72. ACM (2017)

    Google Scholar 

  4. Yang, C., Zhang, J., Gu, G.: Understanding the market-level and network-level behaviors of the android malware ecosystem. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 2452–2457. IEEE (2017)

    Google Scholar 

  5. Samra, A.A.A., Yim, K., Ghanem, O.A.: Analysis of clustering technique in android malware detection. In: 2013 Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 729–733. IEEE (2013)

    Google Scholar 

  6. Frank, M., Dong, B., Felt, A.P., Song, D.: Mining permission request patterns from android and Facebook applications, pp. 870–875, December 2012. https://doi.org/10.1109/ICDM.2012.86

  7. Yerima, S.Y., Sezer, S., McWilliams, G.: Analysis of bayesian classification-based approaches for android malware detection. IET Inf. Secur. 8(1), 25–36 (2014)

    Article  Google Scholar 

  8. Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy (SP), pp. 95–109. IEEE (2012)

    Google Scholar 

  9. Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.: DREBIN: effective and explainable detection of android malware in your pocket. In: Ndss, vol. 14, pp. 23–26 (2014)

    Google Scholar 

  10. Yang, W., Xiao, X., Andow, B., Li, S., Xie, T., Enck, W.: Appcontext: differentiating malicious and benign mobile app behaviors using context. In: Proceedings of the 37th International Conference on Software Engineering, ICSE 2015, vol. 1, pp. 303–313. IEEE Press, Piscataway (2015). http://dl.acm.org/citation.cfm?id=2818754.2818793

  11. Narayanan, A., Chandramohan, M., Chen, L., Liu, Y.: Context-aware, adaptive and scalable android malware detection through online learning (extended version). CoRR abs/1706.00947 (2017). http://arxiv.org/abs/1706.00947

  12. Narayanan, A., Chandramohan, M., Chen, L., Liu, Y.: A multi-view context-aware approach to android malware detection and malicious code localization. Empir. Softw. Eng. (2017). https://doi.org/10.1007/s10664-017-9539-8

    Article  Google Scholar 

  13. Xu, K., Li, Y., Deng, R.H.: ICCDetector: ICC-based malware detection on android. IEEE Trans. Inf. Forensics Secur. 11(6), 1252–1264 (2016)

    Article  Google Scholar 

  14. Feizollah, A., Anuar, N.B., Salleh, R., Suarez-Tangil, G., Furnell, S.: Androdialysis: analysis of android intent effectiveness in malware detection. Comput. Secur. 65, 121–134 (2017)

    Article  Google Scholar 

  15. Afonso, V.M., de Amorim, M.F., Grégio, A.R.A., Junquera, G.B., de Geus, P.L.: Identifying android malware using dynamically obtained features. J. Comput. Virol. Hacking Tech. 11(1), 9–17 (2015)

    Article  Google Scholar 

  16. Dimjašević, M., Atzeni, S., Ugrina, I., Rakamaric, Z.: Evaluation of android malware detection based on system calls. In: Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics, pp. 1–8. ACM (2016)

    Google Scholar 

  17. Tong, F., Yan, Z.: A hybrid approach of mobile malware detection in android. J. Parallel Distrib. Comput. 103, 22–31 (2017)

    Article  Google Scholar 

  18. Yuan, Z., Lu, Y., Wang, Z., Xue, Y.: Droid-sec: deep learning in android malware detection. In: ACM SIGCOMM Computer Communication Review, vol. 44, pp. 371–372. ACM (2014)

    Google Scholar 

  19. Arzt, S., et al.: Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for android apps. ACM Sigplan Not. 49(6), 259–269 (2014)

    Article  Google Scholar 

  20. Su, X., Zhang, D., Li, W., Zhao, K.: A deep learning approach to android malware feature learning and detection. In: Trustcom/BigDataSE/I SPA, pp. 244–251. IEEE (2016)

    Google Scholar 

  21. Au, K.W.Y., Zhou, Y.F., Huang, Z., Lie, D.: Pscout: analyzing the android permission specification. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 217–228. ACM (2012)

    Google Scholar 

  22. Quinlan, J.R.: C4.5: Programs for Machine Learning. Morgan Kaufmann Publishers Inc., San Francisco (1993)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Internet Commerce Security Laboratory, Federation University Australia, Ballarat, Australia

    Mahbub E. Khoda, Joarder Kamruzzaman & Iqbal Gondal

  2. CQUniversity Australia, Rockhampton, Australia

    Tasadduq Imam

Authors
  1. Mahbub E. Khoda
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Joarder Kamruzzaman
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Iqbal Gondal
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tasadduq Imam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mahbub E. Khoda .

Editor information

Editors and Affiliations

  1. The Chinese Academy of Sciences, Beijing, China

    Long Cheng

  2. City University of Hong Kong, Kowloon, Hong Kong

    Andrew Chi Sing Leung

  3. Kobe University, Kobe, Japan

    Seiichi Ozawa

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Khoda, M.E., Kamruzzaman, J., Gondal, I., Imam, T. (2018). Mobile Malware Detection - An Analysis of the Impact of Feature Categories. In: Cheng, L., Leung, A., Ozawa, S. (eds) Neural Information Processing. ICONIP 2018. Lecture Notes in Computer Science(), vol 11304. Springer, Cham. https://doi.org/10.1007/978-3-030-04212-7_43

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-04212-7_43

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04211-0

  • Online ISBN: 978-3-030-04212-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation