Feature Selection for Android Malware Detection with Random Forest on Smartphones
Published in: | Revue d'Intelligence Artificielle 2023-08, Vol.37 (4), p.857-869 |
---|---|
Format: | Article |
Language: | eng |
Summary: | Android smartphones, integral to everyday life, offer a multifunctional platform for storing and managing sensitive personal data. However, the ubiquity of Android applications intensifies their vulnerability to malicious applications. This study presents the Static Dynamic Hybrid Feature Extraction (SDHFE) tool, a lightweight automation tool designed for the efficient analysis of Android applications by extracting features from a variety of sources. The research generated multiple datasets, each representing different feature categories and their combinations. A novel approach to improve Android malware detection on smartphones is introduced, leveraging the random forest algorithm. Multiple models were created and evaluated using metrics such as accuracy, precision, recall, and F1 score. The model trained on a dataset comprising permissions and intents achieved the highest average scores, 99.2%, thus outperforming other models. A comparative analysis was conducted to evaluate the efficiency of the SDHFE tool against two widely used tools, APKtool and Androguard, in static feature extraction. The results demonstrated that the SDHFE tool significantly reduced disassembly and analysis time, outperforming APKtool and Androguard by factors of 2.2 and 4.6, respectively. While this research provides valuable insights into Android malware detection, it is important to acknowledge potential limitations. The dynamic nature of malware behavior could affect the generalizability of our approach. Despite these potential limitations, the results underscore the effectiveness of our proposed method for enhancing malware detection in Android smartphones. |
---|---|
ISSN: | 0992-499X 1958-5748 |
DOI: | 10.18280/ria.370405 |