An efficient malware detection approach with feature weighting based on Harris Hawks optimization

This paper introduces and tests a novel machine learning approach to detect Android malware. The proposed approach is composed of Support Vector Machine (SVM) classifier and Harris Hawks Optimization (HHO) algorithm. More specifically, the role of HHO algorithm is to optimize SVM classifier hyperpar...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	Cluster computing 2022-08, Vol.25 (4), p.2369-2387
Hauptverfasser:	Alzubi, Omar A., Alzubi, Jafar A., Al-Zoubi, Ala’ M., Hassonah, Mohammad A., Kose, Utku
Format:	Artikel
Sprache:	eng
Schlagworte:	Algorithms Boolean Classifiers Computer Communication Networks Computer Science Datasets Heuristic methods Machine learning Malware Operating Systems Optimization Processor Architectures Ransomware Smartphones Social networks Support vector machines Weighting
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	2387
container_issue	4
container_start_page	2369
container_title	Cluster computing
container_volume	25
creator	Alzubi, Omar A. Alzubi, Jafar A. Al-Zoubi, Ala’ M. Hassonah, Mohammad A. Kose, Utku
description	This paper introduces and tests a novel machine learning approach to detect Android malware. The proposed approach is composed of Support Vector Machine (SVM) classifier and Harris Hawks Optimization (HHO) algorithm. More specifically, the role of HHO algorithm is to optimize SVM classifier hyperparameters while the SVM performs the classification of malware based on the best-chosen model, as well as producing the optimal solution for weighting the features. The effectiveness of the proposed approach and the ability to increase detection performance are demonstrated by scientific testing using CICMalAnal2017 sampled datasets. We test our method and its robustness on five sampled datasets and achieved the best results in most datasets and measures when compared with other approaches. We also illustrate the ability of the proposed approach to measure the significance of each feature. In addition, we provide deep analysis of possible relationships between weighted features and the type of malware attack. The results show that the proposed approach outperforms the other metaheuristic algorithms and state-of-art classifiers.
doi_str_mv	10.1007/s10586-021-03459-1
format	Article
fullrecord	<record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2918272693</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2918272693</sourcerecordid><originalsourceid>FETCH-LOGICAL-c319t-691eeedf2f65df77c26ffe36406bc7ec5081294c6bdd0f038dde717dedc3eb8a3</originalsourceid><addsrcrecordid>eNp9kE1LAzEQhoMoWKt_wFPA82o-djebYylqBcGLnkM2mbSp7e6apCz6601dwZunGXg_ZngQuqbklhIi7iIlVVMXhNGC8LKSBT1BM1oJXoiq5Kd551kWTSXO0UWMW0KIFEzOkF50GJzzxkOX8F7vRh0AW0hgku87rIch9Nps8OjTBjvQ6ZD1Efx6k3y3xq2OYHE2rnQIPuYxvkfcD8nv_Zc-VlyiM6d3Ea5-5xy9Pdy_LlfF88vj03LxXBhOZSpqSQHAOubqyjohDKudA16XpG6NAFORhjJZmrq1ljjCG2tBUGHBGg5to_kc3Uy9-eGPA8Sktv0hdPmkYpI2TLBa8uxik8uEPsYATg3B73X4VJSoI0o1oVQZpfpBqWgO8SkUs7lbQ_ir_if1DcRGeSw</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2918272693</pqid></control><display><type>article</type><title>An efficient malware detection approach with feature weighting based on Harris Hawks optimization</title><source>Springer Nature - Complete Springer Journals</source><source>ProQuest Central</source><creator>Alzubi, Omar A. ; Alzubi, Jafar A. ; Al-Zoubi, Ala’ M. ; Hassonah, Mohammad A. ; Kose, Utku</creator><creatorcontrib>Alzubi, Omar A. ; Alzubi, Jafar A. ; Al-Zoubi, Ala’ M. ; Hassonah, Mohammad A. ; Kose, Utku</creatorcontrib><description>This paper introduces and tests a novel machine learning approach to detect Android malware. The proposed approach is composed of Support Vector Machine (SVM) classifier and Harris Hawks Optimization (HHO) algorithm. More specifically, the role of HHO algorithm is to optimize SVM classifier hyperparameters while the SVM performs the classification of malware based on the best-chosen model, as well as producing the optimal solution for weighting the features. The effectiveness of the proposed approach and the ability to increase detection performance are demonstrated by scientific testing using CICMalAnal2017 sampled datasets. We test our method and its robustness on five sampled datasets and achieved the best results in most datasets and measures when compared with other approaches. We also illustrate the ability of the proposed approach to measure the significance of each feature. In addition, we provide deep analysis of possible relationships between weighted features and the type of malware attack. The results show that the proposed approach outperforms the other metaheuristic algorithms and state-of-art classifiers.</description><identifier>ISSN: 1386-7857</identifier><identifier>EISSN: 1573-7543</identifier><identifier>DOI: 10.1007/s10586-021-03459-1</identifier><language>eng</language><publisher>New York: Springer US</publisher><subject>Algorithms ; Boolean ; Classifiers ; Computer Communication Networks ; Computer Science ; Datasets ; Heuristic methods ; Machine learning ; Malware ; Operating Systems ; Optimization ; Processor Architectures ; Ransomware ; Smartphones ; Social networks ; Support vector machines ; Weighting</subject><ispartof>Cluster computing, 2022-08, Vol.25 (4), p.2369-2387</ispartof><rights>The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2021</rights><rights>The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2021.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c319t-691eeedf2f65df77c26ffe36406bc7ec5081294c6bdd0f038dde717dedc3eb8a3</citedby><cites>FETCH-LOGICAL-c319t-691eeedf2f65df77c26ffe36406bc7ec5081294c6bdd0f038dde717dedc3eb8a3</cites><orcidid>0000-0001-9986-1123</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/s10586-021-03459-1$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://www.proquest.com/docview/2918272693?pq-origsite=primo$$EHTML$$P50$$Gproquest$$H</linktohtml><link.rule.ids>314,776,780,21367,27901,27902,33721,41464,42533,43781,51294</link.rule.ids></links><search><creatorcontrib>Alzubi, Omar A.</creatorcontrib><creatorcontrib>Alzubi, Jafar A.</creatorcontrib><creatorcontrib>Al-Zoubi, Ala’ M.</creatorcontrib><creatorcontrib>Hassonah, Mohammad A.</creatorcontrib><creatorcontrib>Kose, Utku</creatorcontrib><title>An efficient malware detection approach with feature weighting based on Harris Hawks optimization</title><title>Cluster computing</title><addtitle>Cluster Comput</addtitle><description>This paper introduces and tests a novel machine learning approach to detect Android malware. The proposed approach is composed of Support Vector Machine (SVM) classifier and Harris Hawks Optimization (HHO) algorithm. More specifically, the role of HHO algorithm is to optimize SVM classifier hyperparameters while the SVM performs the classification of malware based on the best-chosen model, as well as producing the optimal solution for weighting the features. The effectiveness of the proposed approach and the ability to increase detection performance are demonstrated by scientific testing using CICMalAnal2017 sampled datasets. We test our method and its robustness on five sampled datasets and achieved the best results in most datasets and measures when compared with other approaches. We also illustrate the ability of the proposed approach to measure the significance of each feature. In addition, we provide deep analysis of possible relationships between weighted features and the type of malware attack. The results show that the proposed approach outperforms the other metaheuristic algorithms and state-of-art classifiers.</description><subject>Algorithms</subject><subject>Boolean</subject><subject>Classifiers</subject><subject>Computer Communication Networks</subject><subject>Computer Science</subject><subject>Datasets</subject><subject>Heuristic methods</subject><subject>Machine learning</subject><subject>Malware</subject><subject>Operating Systems</subject><subject>Optimization</subject><subject>Processor Architectures</subject><subject>Ransomware</subject><subject>Smartphones</subject><subject>Social networks</subject><subject>Support vector machines</subject><subject>Weighting</subject><issn>1386-7857</issn><issn>1573-7543</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>BENPR</sourceid><recordid>eNp9kE1LAzEQhoMoWKt_wFPA82o-djebYylqBcGLnkM2mbSp7e6apCz6601dwZunGXg_ZngQuqbklhIi7iIlVVMXhNGC8LKSBT1BM1oJXoiq5Kd551kWTSXO0UWMW0KIFEzOkF50GJzzxkOX8F7vRh0AW0hgku87rIch9Nps8OjTBjvQ6ZD1Efx6k3y3xq2OYHE2rnQIPuYxvkfcD8nv_Zc-VlyiM6d3Ea5-5xy9Pdy_LlfF88vj03LxXBhOZSpqSQHAOubqyjohDKudA16XpG6NAFORhjJZmrq1ljjCG2tBUGHBGg5to_kc3Uy9-eGPA8Sktv0hdPmkYpI2TLBa8uxik8uEPsYATg3B73X4VJSoI0o1oVQZpfpBqWgO8SkUs7lbQ_ir_if1DcRGeSw</recordid><startdate>20220801</startdate><enddate>20220801</enddate><creator>Alzubi, Omar A.</creator><creator>Alzubi, Jafar A.</creator><creator>Al-Zoubi, Ala’ M.</creator><creator>Hassonah, Mohammad A.</creator><creator>Kose, Utku</creator><general>Springer US</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope><scope>8FE</scope><scope>8FG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>P5Z</scope><scope>P62</scope><scope>PHGZM</scope><scope>PHGZT</scope><scope>PKEHL</scope><scope>PQEST</scope><scope>PQGLB</scope><scope>PQQKQ</scope><scope>PQUKI</scope><orcidid>https://orcid.org/0000-0001-9986-1123</orcidid></search><sort><creationdate>20220801</creationdate><title>An efficient malware detection approach with feature weighting based on Harris Hawks optimization</title><author>Alzubi, Omar A. ; Alzubi, Jafar A. ; Al-Zoubi, Ala’ M. ; Hassonah, Mohammad A. ; Kose, Utku</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c319t-691eeedf2f65df77c26ffe36406bc7ec5081294c6bdd0f038dde717dedc3eb8a3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Algorithms</topic><topic>Boolean</topic><topic>Classifiers</topic><topic>Computer Communication Networks</topic><topic>Computer Science</topic><topic>Datasets</topic><topic>Heuristic methods</topic><topic>Machine learning</topic><topic>Malware</topic><topic>Operating Systems</topic><topic>Optimization</topic><topic>Processor Architectures</topic><topic>Ransomware</topic><topic>Smartphones</topic><topic>Social networks</topic><topic>Support vector machines</topic><topic>Weighting</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Alzubi, Omar A.</creatorcontrib><creatorcontrib>Alzubi, Jafar A.</creatorcontrib><creatorcontrib>Al-Zoubi, Ala’ M.</creatorcontrib><creatorcontrib>Hassonah, Mohammad A.</creatorcontrib><creatorcontrib>Kose, Utku</creatorcontrib><collection>CrossRef</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central UK/Ireland</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer Science Database</collection><collection>Advanced Technologies & Aerospace Database</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central (New)</collection><collection>ProQuest One Academic (New)</collection><collection>ProQuest One Academic Middle East (New)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Applied & Life Sciences</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><jtitle>Cluster computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Alzubi, Omar A.</au><au>Alzubi, Jafar A.</au><au>Al-Zoubi, Ala’ M.</au><au>Hassonah, Mohammad A.</au><au>Kose, Utku</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>An efficient malware detection approach with feature weighting based on Harris Hawks optimization</atitle><jtitle>Cluster computing</jtitle><stitle>Cluster Comput</stitle><date>2022-08-01</date><risdate>2022</risdate><volume>25</volume><issue>4</issue><spage>2369</spage><epage>2387</epage><pages>2369-2387</pages><issn>1386-7857</issn><eissn>1573-7543</eissn><abstract>This paper introduces and tests a novel machine learning approach to detect Android malware. The proposed approach is composed of Support Vector Machine (SVM) classifier and Harris Hawks Optimization (HHO) algorithm. More specifically, the role of HHO algorithm is to optimize SVM classifier hyperparameters while the SVM performs the classification of malware based on the best-chosen model, as well as producing the optimal solution for weighting the features. The effectiveness of the proposed approach and the ability to increase detection performance are demonstrated by scientific testing using CICMalAnal2017 sampled datasets. We test our method and its robustness on five sampled datasets and achieved the best results in most datasets and measures when compared with other approaches. We also illustrate the ability of the proposed approach to measure the significance of each feature. In addition, we provide deep analysis of possible relationships between weighted features and the type of malware attack. The results show that the proposed approach outperforms the other metaheuristic algorithms and state-of-art classifiers.</abstract><cop>New York</cop><pub>Springer US</pub><doi>10.1007/s10586-021-03459-1</doi><tpages>19</tpages><orcidid>https://orcid.org/0000-0001-9986-1123</orcidid></addata></record>
fulltext	fulltext
identifier	ISSN: 1386-7857
ispartof	Cluster computing, 2022-08, Vol.25 (4), p.2369-2387
issn	1386-7857 1573-7543
language	eng
recordid	cdi_proquest_journals_2918272693
source	Springer Nature - Complete Springer Journals; ProQuest Central
subjects	Algorithms Boolean Classifiers Computer Communication Networks Computer Science Datasets Heuristic methods Machine learning Malware Operating Systems Optimization Processor Architectures Ransomware Smartphones Social networks Support vector machines Weighting
title	An efficient malware detection approach with feature weighting based on Harris Hawks optimization
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-21T21%3A24%3A22IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20efficient%20malware%20detection%20approach%20with%20feature%20weighting%20based%20on%20Harris%20Hawks%20optimization&rft.jtitle=Cluster%20computing&rft.au=Alzubi,%20Omar%20A.&rft.date=2022-08-01&rft.volume=25&rft.issue=4&rft.spage=2369&rft.epage=2387&rft.pages=2369-2387&rft.issn=1386-7857&rft.eissn=1573-7543&rft_id=info:doi/10.1007/s10586-021-03459-1&rft_dat=%3Cproquest_cross%3E2918272693%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2918272693&rft_id=info:pmid/&rfr_iscdi=true