Browse > Article
http://dx.doi.org/10.20465/KIOTS.2020.6.2.001

Optimal Machine Learning Model for Detecting Normal and Malicious Android Apps  

Lee, Hyung-Woo (Div. of Computer Engineering, Hanshin University)
Lee, HanSeong (Dept. of Computer Engineering, Hanshin University)
Publication Information
Journal of Internet of Things and Convergence / v.6, no.2, 2020 , pp. 1-10 More about this Journal
Abstract
The mobile application based on the Android platform is simple to decompile, making it possible to create malicious applications similar to normal ones, and can easily distribute the created malicious apps through the Android third party app store. In this case, the Android malicious application in the smartphone causes several problems such as leakage of personal information in the device, transmission of premium SMS, and leakage of location information and call records. Therefore, it is necessary to select a optimal model that provides the best performance among the machine learning techniques that have published recently, and provide a technique to automatically identify malicious Android apps. Therefore, in this paper, after adopting the feature engineering to Android apps on official test set, a total of four performance evaluation experiments were conducted to select the machine learning model that provides the optimal performance for Android malicious app detection.
Keywords
Smart phones; Android; Malware; Feature Engineering; Machine Learning; Random Forest;
Citations & Related Records
Times Cited By KSCI : 8  (Citation Analysis)
연도 인용수 순위
1 D.H.Kim, M.G.Lee, M.S.Song and S.J.Cho, "Machine Learning based Android Malware Detection using Gray Scale Images", KOREA INFORMATION SCIENCE SOCIETY, Vol.45, No.1, pp.1245-1247, 2018.
2 Androguard. https://github.com/androguard/androguard.
3 Jupyter Notebook. https://jupyter.org/.
4 Jupyter Lab. https://github.com/jupyterlab/jupyterlab.
5 Python. https://www.python.org/.
6 scikit-learn. https://scikit-learn.org/.
7 J.W.Jang, J.S.Yun, A.Mohaisen, J.Y.Woo and H.K.Kim. "Detecting and classifying method based on similarity matching of Android malware behavior with profile.", SpringerPlus, Vol.5, No.1, pp.273, 2016.   DOI
8 J.S.Yun, J.W.Jang, and H.K.Kim. "Andro-profiler: anti-malware system based on behavior profiling of mobile malware.", Journal of the Korea Institute of Information Security & Cryptology, Vol.24, No.1, pp.145-154, 2014.   DOI
9 Android Documentation. http://developer.android.com/guide/topics/manifest/permission-element.html.
10 S.M.Hwang and H.W.Lee, "Identification of Counterfeit Android Malware Apps using Hyperledger Fabric Blockchain," Journal of Internet Computing and Services, vol. 20, no. 2, pp. 61-68, 2019. DOI: 10.7472/jksii.2019.20.2.61.   DOI
11 H.S.Lee and H.W.Lee, "Consortium Blockchain based Forgery Android APK Discrimination DApp using Hyperledger Composer," Journal of Internet Computing and Services, vol. 20, no. 5, pp. 9-18, 2019. DOI: 10.7472/jksii.2019.20.5.9.   DOI
12 K.W.Bae, K.H.Lee, "Security of Database Based On Hybrid Blockchain," Journal of The Korea Internet of Things Society, Vol.6, No.1, pp.9-15, 2020. https://doi.org/10.20465/KIOTS.2020.6.1.009   DOI
13 Symantec. Internet Security Threat Report. Volume 23. March 2018. https://docs.broadcom.com/doc/istr-23-2018-en.
14 Victor Chebyshev. Mobile malware evolution 2019. February 25, 2020. http://securelist.com/mobile-malware-evolution-2019/96280/.
15 D.H.Park, E.J.Myeong and J.B.Yun, "Efficient Detection of Android Mutant Malwares Using the DEX file", Korea Institute Of Information Security And Cryptology, Vol.26, No.4, pp.895-902, 2016.   DOI