Android malware detection via efficient application programming interface call sequences extraction and machine learning classifiers

Published in: IET software Volume 17; Issue 4; pp. 348 - 361
Main authors: Wang, Tanjie, Xu, Yueshen, Zhao, Xinkui, Jiang, Zhiping, Li, Rui
Format: Journal Article
Language: English
Published: John Wiley & Sons, Inc 01.08.2023
Wiley
ISSN:1751-8806, 1751-8814
Description
Summary: Malware detection is an important task for the ecosystem of mobile applications (APPs), especially for the Android ecosystem, and is vital to guarantee the user experience of Android APPs. There have been some existing methods trying to solve the problem of malware detection, but the methods suffer from several defects, such as high time complexity and mediocre accuracy, which seriously decrease the practicability of existing methods. To solve these problems, in this study, we propose a novel Android malware detection framework, where we contribute an efficient Application Programming Interface (API) call sequences extraction algorithm and an investigation of different types of classifiers. In API call sequences extraction, we propose an algorithm for transforming the function call graph from a multigraph into a directed simple graph, which successfully avoids the unnecessary repetitive path searching. We also propose a pruning search, which further reduces the number of paths to be searched. Our algorithm greatly reduces the time complexity. We generate the transition matrix as classification features and investigate three types of machine learning classifiers to complete the malware detection task. The experiments are performed on real‐world Android Packages (APKs), and the results demonstrate that our method significantly reduces the running time and produces high detection accuracy. In this paper, we propose a novel Android malware detection framework, where we contribute an efficient API call sequences extraction algorithm and an investigation of different types of classifiers. In API call sequences extraction, we propose an algorithm for transforming the function call graph from a multigraph into a directed simple graph. We also propose an effective pruning search algorithm.
DOI:10.1049/sfw2.12083