A Method for Automatic Android Malware Detection Based on Static Analysis and Deep Learning

A Method for Automatic Android Malware Detection Based on Static Analysis and Deep Learning

The computers nowadays are being replaced by the smartphones for the most of the internet users around the world, and Android is getting the most of the smartphone systems' market. This rise of the usage of smartphones generally, and the Android system specifically, leads to a strong need to ef...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE access 2022, Vol.10, p.1-1
Hauptverfasser: Ibrahim, Mulhem, Issa, Bayan, Jasser, Muhammed Basheer
Format: Artikel
Sprache:eng
Schlagworte:
Android
Androids
Classification
Codes
Datasets
Deep learning
Feature extraction
Machine learning
Malware
Mobile operating systems
Mobile Security
Operating systems
Smart phones
Smartphones
Static analysis
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 1
container_issue
container_start_page 1
container_title IEEE access
container_volume 10
creator Ibrahim, Mulhem
Issa, Bayan
Jasser, Muhammed Basheer
description The computers nowadays are being replaced by the smartphones for the most of the internet users around the world, and Android is getting the most of the smartphone systems' market. This rise of the usage of smartphones generally, and the Android system specifically, leads to a strong need to effectively secure Android, as the malware developers are targeting it with sophisticated and obfuscated malware applications. Consequently, a lot of studies were performed to propose a robust method to detect and classify android malicious software (malware). Some of them were effective, some were not; with accuracy below 90%, and some of them are being outdated; using datasets that became old containing applications for old versions of Android that are rarely used today. In this paper, a new method is proposed by using static analysis and gathering as most useful features of android applications as possible, along with two new proposed features, and then passing them to a functional API deep learning model we made. This method was implemented on a new and classified android application dataset, using 14079 malware and benign samples in total, with malware samples classified into four malware classes. Two major experiments with this dataset were implemented, one for malware detection with the dataset samples categorized into two classes as just malware and benign, the second one was made for malware detection and classification, using all the five classes of the dataset. As a result, our model overcomes the related works when using just two classes with F1-score of 99.5%. Also, high malware detection and classification performance was obtained by using the five classes, with F1-score of 97%.
doi_str_mv 10.1109/ACCESS.2022.3219047
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_crossref_primary_10_1109_ACCESS_2022_3219047</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9936621</ieee_id><doaj_id>oai_doaj_org_article_46d2c68f989e4c70868cf0ff24cb486a</doaj_id><sourcerecordid>2736886185</sourcerecordid><originalsourceid>FETCH-LOGICAL-c408t-e736b82f30c2b83ce64916bd6429f217a41f616677145b4c848f0de62094429c3</originalsourceid><addsrcrecordid>eNpNkU1LAzEQhhdRUNRf4CXguTVfnU2Oa_2EiofqyUPIJhPdUjc12SL-e6NbxLnMMDzvmwlvVZ0xOmWM6otmPr9eLqeccj4VnGkq673qiDPQEzETsP9vPqxOc17RUqqsZvVR9dKQBxzeoichJtJsh_huh86Rpvcpdp482PWnTUiucEA3dLEnlzajJ2VYDjvSrr9yl4ntfcFwQxZoU9_1ryfVQbDrjKe7flw931w_ze8mi8fb-3mzmDhJ1TDBWkCreBDU8VYJhyA1g9aD5DpwVlvJAjCAumZy1kqnpArUI3CqZUGcOK7uR18f7cpsUvdu05eJtjO_i5hejU3l1DUaCZ47UEErjdLVVIFygYbApWulAlu8zkevTYofW8yDWcVtKl_Mhpc7lQKmZoUSI-VSzDlh-HuVUfMTihlDMT-hmF0oRXU2qjpE_FNoLQA4E998rYW4</addsrcrecordid><sourcetype>Open Website</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2736886185</pqid></control><display><type>article</type><title>A Method for Automatic Android Malware Detection Based on Static Analysis and Deep Learning</title><source>IEEE Open Access Journals</source><source>DOAJ Directory of Open Access Journals</source><source>EZB-FREE-00999 freely available EZB journals</source><creator>Ibrahim, Mulhem ; Issa, Bayan ; Jasser, Muhammed Basheer</creator><creatorcontrib>Ibrahim, Mulhem ; Issa, Bayan ; Jasser, Muhammed Basheer</creatorcontrib><description>The computers nowadays are being replaced by the smartphones for the most of the internet users around the world, and Android is getting the most of the smartphone systems' market. This rise of the usage of smartphones generally, and the Android system specifically, leads to a strong need to effectively secure Android, as the malware developers are targeting it with sophisticated and obfuscated malware applications. Consequently, a lot of studies were performed to propose a robust method to detect and classify android malicious software (malware). Some of them were effective, some were not; with accuracy below 90%, and some of them are being outdated; using datasets that became old containing applications for old versions of Android that are rarely used today. In this paper, a new method is proposed by using static analysis and gathering as most useful features of android applications as possible, along with two new proposed features, and then passing them to a functional API deep learning model we made. This method was implemented on a new and classified android application dataset, using 14079 malware and benign samples in total, with malware samples classified into four malware classes. Two major experiments with this dataset were implemented, one for malware detection with the dataset samples categorized into two classes as just malware and benign, the second one was made for malware detection and classification, using all the five classes of the dataset. As a result, our model overcomes the related works when using just two classes with F1-score of 99.5%. Also, high malware detection and classification performance was obtained by using the five classes, with F1-score of 97%.</description><identifier>ISSN: 2169-3536</identifier><identifier>EISSN: 2169-3536</identifier><identifier>DOI: 10.1109/ACCESS.2022.3219047</identifier><identifier>CODEN: IAECCG</identifier><language>eng</language><publisher>Piscataway: IEEE</publisher><subject>Android ; Androids ; Classification ; Codes ; Datasets ; Deep learning ; Feature extraction ; Machine learning ; Malware ; Mobile operating systems ; Mobile Security ; Operating systems ; Smart phones ; Smartphones ; Static analysis</subject><ispartof>IEEE access, 2022, Vol.10, p.1-1</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2022</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c408t-e736b82f30c2b83ce64916bd6429f217a41f616677145b4c848f0de62094429c3</citedby><cites>FETCH-LOGICAL-c408t-e736b82f30c2b83ce64916bd6429f217a41f616677145b4c848f0de62094429c3</cites><orcidid>0000-0001-5292-465X ; 0000-0002-7559-3416 ; 0000-0002-6285-1500</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9936621$$EHTML$$P50$$Gieee$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,864,2102,4024,27633,27923,27924,27925,54933</link.rule.ids></links><search><creatorcontrib>Ibrahim, Mulhem</creatorcontrib><creatorcontrib>Issa, Bayan</creatorcontrib><creatorcontrib>Jasser, Muhammed Basheer</creatorcontrib><title>A Method for Automatic Android Malware Detection Based on Static Analysis and Deep Learning</title><title>IEEE access</title><addtitle>Access</addtitle><description>The computers nowadays are being replaced by the smartphones for the most of the internet users around the world, and Android is getting the most of the smartphone systems' market. This rise of the usage of smartphones generally, and the Android system specifically, leads to a strong need to effectively secure Android, as the malware developers are targeting it with sophisticated and obfuscated malware applications. Consequently, a lot of studies were performed to propose a robust method to detect and classify android malicious software (malware). Some of them were effective, some were not; with accuracy below 90%, and some of them are being outdated; using datasets that became old containing applications for old versions of Android that are rarely used today. In this paper, a new method is proposed by using static analysis and gathering as most useful features of android applications as possible, along with two new proposed features, and then passing them to a functional API deep learning model we made. This method was implemented on a new and classified android application dataset, using 14079 malware and benign samples in total, with malware samples classified into four malware classes. Two major experiments with this dataset were implemented, one for malware detection with the dataset samples categorized into two classes as just malware and benign, the second one was made for malware detection and classification, using all the five classes of the dataset. As a result, our model overcomes the related works when using just two classes with F1-score of 99.5%. Also, high malware detection and classification performance was obtained by using the five classes, with F1-score of 97%.</description><subject>Android</subject><subject>Androids</subject><subject>Classification</subject><subject>Codes</subject><subject>Datasets</subject><subject>Deep learning</subject><subject>Feature extraction</subject><subject>Machine learning</subject><subject>Malware</subject><subject>Mobile operating systems</subject><subject>Mobile Security</subject><subject>Operating systems</subject><subject>Smart phones</subject><subject>Smartphones</subject><subject>Static analysis</subject><issn>2169-3536</issn><issn>2169-3536</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>ESBDL</sourceid><sourceid>RIE</sourceid><sourceid>DOA</sourceid><recordid>eNpNkU1LAzEQhhdRUNRf4CXguTVfnU2Oa_2EiofqyUPIJhPdUjc12SL-e6NbxLnMMDzvmwlvVZ0xOmWM6otmPr9eLqeccj4VnGkq673qiDPQEzETsP9vPqxOc17RUqqsZvVR9dKQBxzeoichJtJsh_huh86Rpvcpdp482PWnTUiucEA3dLEnlzajJ2VYDjvSrr9yl4ntfcFwQxZoU9_1ryfVQbDrjKe7flw931w_ze8mi8fb-3mzmDhJ1TDBWkCreBDU8VYJhyA1g9aD5DpwVlvJAjCAumZy1kqnpArUI3CqZUGcOK7uR18f7cpsUvdu05eJtjO_i5hejU3l1DUaCZ47UEErjdLVVIFygYbApWulAlu8zkevTYofW8yDWcVtKl_Mhpc7lQKmZoUSI-VSzDlh-HuVUfMTihlDMT-hmF0oRXU2qjpE_FNoLQA4E998rYW4</recordid><startdate>2022</startdate><enddate>2022</enddate><creator>Ibrahim, Mulhem</creator><creator>Issa, Bayan</creator><creator>Jasser, Muhammed Basheer</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>ESBDL</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>7SR</scope><scope>8BQ</scope><scope>8FD</scope><scope>JG9</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>DOA</scope><orcidid>https://orcid.org/0000-0001-5292-465X</orcidid><orcidid>https://orcid.org/0000-0002-7559-3416</orcidid><orcidid>https://orcid.org/0000-0002-6285-1500</orcidid></search><sort><creationdate>2022</creationdate><title>A Method for Automatic Android Malware Detection Based on Static Analysis and Deep Learning</title><author>Ibrahim, Mulhem ; Issa, Bayan ; Jasser, Muhammed Basheer</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c408t-e736b82f30c2b83ce64916bd6429f217a41f616677145b4c848f0de62094429c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Android</topic><topic>Androids</topic><topic>Classification</topic><topic>Codes</topic><topic>Datasets</topic><topic>Deep learning</topic><topic>Feature extraction</topic><topic>Machine learning</topic><topic>Malware</topic><topic>Mobile operating systems</topic><topic>Mobile Security</topic><topic>Operating systems</topic><topic>Smart phones</topic><topic>Smartphones</topic><topic>Static analysis</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Ibrahim, Mulhem</creatorcontrib><creatorcontrib>Issa, Bayan</creatorcontrib><creatorcontrib>Jasser, Muhammed Basheer</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE Open Access Journals</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Engineered Materials Abstracts</collection><collection>METADEX</collection><collection>Technology Research Database</collection><collection>Materials Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>DOAJ Directory of Open Access Journals</collection><jtitle>IEEE access</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Ibrahim, Mulhem</au><au>Issa, Bayan</au><au>Jasser, Muhammed Basheer</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A Method for Automatic Android Malware Detection Based on Static Analysis and Deep Learning</atitle><jtitle>IEEE access</jtitle><stitle>Access</stitle><date>2022</date><risdate>2022</risdate><volume>10</volume><spage>1</spage><epage>1</epage><pages>1-1</pages><issn>2169-3536</issn><eissn>2169-3536</eissn><coden>IAECCG</coden><abstract>The computers nowadays are being replaced by the smartphones for the most of the internet users around the world, and Android is getting the most of the smartphone systems' market. This rise of the usage of smartphones generally, and the Android system specifically, leads to a strong need to effectively secure Android, as the malware developers are targeting it with sophisticated and obfuscated malware applications. Consequently, a lot of studies were performed to propose a robust method to detect and classify android malicious software (malware). Some of them were effective, some were not; with accuracy below 90%, and some of them are being outdated; using datasets that became old containing applications for old versions of Android that are rarely used today. In this paper, a new method is proposed by using static analysis and gathering as most useful features of android applications as possible, along with two new proposed features, and then passing them to a functional API deep learning model we made. This method was implemented on a new and classified android application dataset, using 14079 malware and benign samples in total, with malware samples classified into four malware classes. Two major experiments with this dataset were implemented, one for malware detection with the dataset samples categorized into two classes as just malware and benign, the second one was made for malware detection and classification, using all the five classes of the dataset. As a result, our model overcomes the related works when using just two classes with F1-score of 99.5%. Also, high malware detection and classification performance was obtained by using the five classes, with F1-score of 97%.</abstract><cop>Piscataway</cop><pub>IEEE</pub><doi>10.1109/ACCESS.2022.3219047</doi><tpages>1</tpages><orcidid>https://orcid.org/0000-0001-5292-465X</orcidid><orcidid>https://orcid.org/0000-0002-7559-3416</orcidid><orcidid>https://orcid.org/0000-0002-6285-1500</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 2169-3536
ispartof IEEE access, 2022, Vol.10, p.1-1
issn 2169-3536
2169-3536
language eng
recordid cdi_crossref_primary_10_1109_ACCESS_2022_3219047
source IEEE Open Access Journals; DOAJ Directory of Open Access Journals; EZB-FREE-00999 freely available EZB journals
subjects Android
Androids
Classification
Codes
Datasets
Deep learning
Feature extraction
Machine learning
Malware
Mobile operating systems
Mobile Security
Operating systems
Smart phones
Smartphones
Static analysis
title A Method for Automatic Android Malware Detection Based on Static Analysis and Deep Learning
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-28T17%3A25%3A54IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20Method%20for%20Automatic%20Android%20Malware%20Detection%20Based%20on%20Static%20Analysis%20and%20Deep%20Learning&rft.jtitle=IEEE%20access&rft.au=Ibrahim,%20Mulhem&rft.date=2022&rft.volume=10&rft.spage=1&rft.epage=1&rft.pages=1-1&rft.issn=2169-3536&rft.eissn=2169-3536&rft.coden=IAECCG&rft_id=info:doi/10.1109/ACCESS.2022.3219047&rft_dat=%3Cproquest_cross%3E2736886185%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2736886185&rft_id=info:pmid/&rft_ieee_id=9936621&rft_doaj_id=oai_doaj_org_article_46d2c68f989e4c70868cf0ff24cb486a&rfr_iscdi=true