Detecting android malicious apps and categorizing benign apps with ensemble of classifiers

Handle URI:
http://hdl.handle.net/10754/622705
Title:
Detecting android malicious apps and categorizing benign apps with ensemble of classifiers
Authors:
Wang, Wei; Li, Yuanyuan; Wang, Xing; Liu, Jiqiang; Zhang, Xiangliang ( 0000-0002-3574-5665 )
Abstract:
Android platform has dominated the markets of smart mobile devices in recent years. The number of Android applications (apps) has seen a massive surge. Unsurprisingly, Android platform has also become the primary target of attackers. The management of the explosively expansive app markets has thus become an important issue. On the one hand, it requires effectively detecting malicious applications (malapps) in order to keep the malapps out of the app market. On the other hand, it needs to automatically categorize a big number of benign apps so as to ease the management, such as correcting an app’s category falsely designated by the app developer. In this work, we propose a framework to effectively and efficiently manage a big app market in terms of detecting malapps and categorizing benign apps. We extract 11 types of static features from each app to characterize the behaviors of the app, and employ the ensemble of multiple classifiers, namely, Support Vector Machine (SVM), K-Nearest Neighbor (KNN), Naive Bayes (NB), Classification and Regression Tree (CART) and Random Forest (RF), to detect malapps and to categorize benign apps. An alarm will be triggered if an app is identified as malicious. Otherwise, the benign app will be identified as a specific category. We evaluate the framework on a large app set consisting of 107,327 benign apps as well as 8,701 malapps. The experimental results show that our method achieves the accuracy of 99.39% in the detection of malapps and achieves the best accuracy of 82.93% in the categorization of benign apps.
KAUST Department:
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
Citation:
Wang W, Li Y, Wang X, Liu J, Zhang X (2017) Detecting android malicious apps and categorizing benign apps with ensemble of classifiers. Future Generation Computer Systems. Available: http://dx.doi.org/10.1016/j.future.2017.01.019.
Publisher:
Elsevier BV
Journal:
Future Generation Computer Systems
Issue Date:
17-Jan-2017
DOI:
10.1016/j.future.2017.01.019
Type:
Article
ISSN:
0167-739X
Sponsors:
The work reported in this paper was supported in part by the Scientific Research Foundation through the Returned Overseas Chinese Scholars, Ministry of Education of China, under Grant K14C300020, in part by Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, under Grant AGK2015002, in part by ZTE Corporation foundation, and in part by National Natural Science Foundation of China, under Grant 61672092.
Additional Links:
http://www.sciencedirect.com/science/article/pii/S0167739X17300742
Appears in Collections:
Articles; Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division

Full metadata record

DC Field | Value | Language
dc.contributor.author | Wang, Wei | en
dc.contributor.author | Li, Yuanyuan | en
dc.contributor.author | Wang, Xing | en
dc.contributor.author | Liu, Jiqiang | en
dc.contributor.author | Zhang, Xiangliang | en
dc.date.accessioned | 2017-01-22T10:45:41Z | -
dc.date.available | 2017-01-22T10:45:41Z | -
dc.date.issued | 2017-01-17 | en
dc.identifier.citation | Wang W, Li Y, Wang X, Liu J, Zhang X (2017) Detecting android malicious apps and categorizing benign apps with ensemble of classifiers. Future Generation Computer Systems. Available: http://dx.doi.org/10.1016/j.future.2017.01.019. | en
dc.identifier.issn | 0167-739X | en
dc.identifier.doi | 10.1016/j.future.2017.01.019 | en
dc.identifier.uri | http://hdl.handle.net/10754/622705 | -
dc.description.abstract | Android platform has dominated the markets of smart mobile devices in recent years. The number of Android applications (apps) has seen a massive surge. Unsurprisingly, Android platform has also become the primary target of attackers. The management of the explosively expansive app markets has thus become an important issue. On the one hand, it requires effectively detecting malicious applications (malapps) in order to keep the malapps out of the app market. On the other hand, it needs to automatically categorize a big number of benign apps so as to ease the management, such as correcting an app’s category falsely designated by the app developer. In this work, we propose a framework to effectively and efficiently manage a big app market in terms of detecting malapps and categorizing benign apps. We extract 11 types of static features from each app to characterize the behaviors of the app, and employ the ensemble of multiple classifiers, namely, Support Vector Machine (SVM), K-Nearest Neighbor (KNN), Naive Bayes (NB), Classification and Regression Tree (CART) and Random Forest (RF), to detect malapps and to categorize benign apps. An alarm will be triggered if an app is identified as malicious. Otherwise, the benign app will be identified as a specific category. We evaluate the framework on a large app set consisting of 107,327 benign apps as well as 8,701 malapps. The experimental results show that our method achieves the accuracy of 99.39% in the detection of malapps and achieves the best accuracy of 82.93% in the categorization of benign apps. | en
dc.description.sponsorship | The work reported in this paper was supported in part by the Scientific Research Foundation through the Returned Overseas Chinese Scholars, Ministry of Education of China, under Grant K14C300020, in part by Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, under Grant AGK2015002, in part by ZTE Corporation foundation, and in part by National Natural Science Foundation of China, under Grant 61672092. | en
dc.publisher | Elsevier BV | en
dc.relation.url | http://www.sciencedirect.com/science/article/pii/S0167739X17300742 | en
dc.rights | NOTICE: this is the author’s version of a work that was accepted for publication in Future Generation Computer Systems. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Future Generation Computer Systems, 17 January 2017. DOI: 10.1016/j.future.2017.01.019 | en
dc.subject | Android security | en
dc.subject | Malware detection | en
dc.subject | Intrusion detection | en
dc.subject | Classification | en
dc.subject | Ensemble learning | en
dc.subject | Static analysis | en
dc.title | Detecting android malicious apps and categorizing benign apps with ensemble of classifiers | en
dc.type | Article | en
dc.contributor.department | Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division | en
dc.identifier.journal | Future Generation Computer Systems | en
dc.eprint.version | Post-print | en
dc.contributor.institution | School of Computer and Information Technology, Beijing Jiaotong University, 3 Shangyuancun, Beijing 100044, China | en
kaust.author | Zhang, Xiangliang | en
All Items in KAUST are protected by copyright, with all rights reserved, unless otherwise indicated.