Android malware analysis in a nutshell

This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malw...

Bibliographic details
Published in: PloS one 2022-07, Vol.17 (7), p.e0270647-e0270647
Main authors: Almomani, Iman, Ahmed, Mohanned, El-Shafai, Walid
Format: Article
Language: eng
Subjects:
Online access: Full text
container_end_page e0270647
container_issue 7
container_start_page e0270647
container_title PloS one
container_volume 17
creator Almomani, Iman
Ahmed, Mohanned
El-Shafai, Walid
description This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malware predictive systems. However, this paper comprehensively highlights these factors and their impacts through a deep empirical study. The study comprises 22 CNN (Convolutional Neural Network) algorithms, 21 of them are well-known, and one proposed algorithm. Additionally, several types of files are considered before converting them to images, and two benchmark android malware datasets are utilized. Finally, comprehensive evaluation metrics are measured to assess the produced predictive models from the security and complexity perspectives. Consequently, guiding researchers and developers to plan and build efficient malware analysis systems that meet their requirements and resources. The results reveal that some factors might significantly impact the performance of the malware analysis solution. For example, from a security perspective, the accuracy, F1-score, precision, and recall are improved by 131.29%, 236.44%, 192%, and 131.29%, respectively, when changing one factor and fixing all other factors under study. Similar results are observed in the case of complexity assessment, including testing time, CPU usage, storage size, and pre-processing speed, proving the importance of the proposed android malware analysis model.
doi_str_mv 10.1371/journal.pone.0270647
format Article
fulltext fulltext
identifier ISSN: 1932-6203
ispartof PloS one, 2022-07, Vol.17 (7), p.e0270647-e0270647
issn 1932-6203
1932-6203
language eng
recordid cdi_plos_journals_2686273024
source Public Library of Science (PLoS) Journals Open Access; DOAJ Directory of Open Access Journals; EZB-FREE-00999 freely available EZB journals; PubMed Central; Free Full-Text Journals in Chemistry
subjects Accuracy
Algorithms
Analysis
Artificial intelligence
Artificial neural networks
Biology and Life Sciences
Classification
Codes
Complexity
Computer and Information Sciences
Datasets
Empirical analysis
Engineering and Technology
Identification
Malware
Methyltestosterone
Modelling
Neural networks
Optimization algorithms
Physical Sciences
Prediction models
Research and Analysis Methods
Security
Spyware
title Android malware analysis in a nutshell
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-22T09%3A40%3A14IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-gale_plos_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Android%20malware%20analysis%20in%20a%20nutshell&rft.jtitle=PloS%20one&rft.au=Almomani,%20Iman&rft.date=2022-07-05&rft.volume=17&rft.issue=7&rft.spage=e0270647&rft.epage=e0270647&rft.pages=e0270647-e0270647&rft.issn=1932-6203&rft.eissn=1932-6203&rft_id=info:doi/10.1371/journal.pone.0270647&rft_dat=%3Cgale_plos_%3EA709256512%3C/gale_plos_%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2686273024&rft_id=info:pmid/35788205&rft_galeid=A709256512&rft_doaj_id=oai_doaj_org_article_fd5054ce0f98417c9397226f5739f2a3&rfr_iscdi=true