Browse > Article
http://dx.doi.org/10.13089/JKIISC.2015.25.4.817

Probabilistic K-nearest neighbor classifier for detection of malware in android mobile  

Kang, Seungjun (Graduate School of Information Security, Korea University)
Yoon, Ji Won (Graduate School of Information Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.25, no.4, 2015 , pp. 817-827 More about this Journal
Abstract
In this modern society, people are having a close relationship with smartphone. This makes easier for hackers to gain the user's information by installing the malware in the user's smartphone without the user's authority. This kind of action are threats to the user's privacy. The malware characteristics are different to the general applications. It requires the user's authority. In this paper, we proposed a new classification method of user requirements method by each application using the Principle Component Analysis(PCA) and Probabilistic K-Nearest Neighbor(PKNN) methods. The combination of those method outputs the improved result to classify between malware and general applications. By using the K-fold Cross Validation, the measurement precision of PKNN is improved compare to the previous K-Nearest Neighbor(KNN). The classification which difficult to solve by KNN also can be solve by PKNN with optimizing the discovering the parameter k and ${\beta}$. Also the sample that has being use in this experiment is based on the Contagio.
Keywords
Malware Detection; Android Permissions; Principal Component Analysis; KNN; PKNN;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 eMarketer, [Online] "Smartphone Users Worldwide Will Total 1.75 Billion in 2014" URL{http://www.emarketer.com/Article/Smartphone-Users-Worldwide-Will-Total-175-Billion-2014/1010536} Jan. 2014
2 DENCK, William, et al. "Understanding Android Security," IEEE security & privacy, pp. 50-57, Jul 2009.
3 NETMARKETSHARE. [Online] "Mobile/Tablet Top Operating System Share Trend" URL{http://www.netmarketshare.com/} Oct.2014
4 ORTHACKER, Clemens, et al. "Android security permissions-can we trust them?." In: Security and Privacy in Mobile Information and Communication Systems. Springer Berlin Heidelberg, pp. 40-51. 2012.
5 AppBrain. [Online] "Android Statistics - Google Play stats", URL{http://www.appbrain.com/stats/number-of-android-apps}, Mar 2015.
6 WEI, Xuetao, et al. "Permission evolution in the android ecosystem.," In: Proceedings of the 28th Annual Computer Security Applications Conference. ACM, pp. 31-40. 2012.
7 FELT, Adrienne Porter, et al. "Android permissions demystified.," In: Proceedings of the 18th ACM conference on Computer and communications security. ACM, pp. 627-638. 2011.
8 WOLD, Svante; ESBENSEN, Kim; GELADI, Paul. "Principal component analysis." Chemometrics and intelligent laboratory systems, 2.1:pp. 37-52. 1987,   DOI
9 BARBER, David. "Machine Learning A Probabilistic Approach.2006.5 August." URL{http://files.is.tue.mpg.de/hjhuang/ebook/mlgm_epfl_book.pdf}
10 HOLMES, C. C.; ADAMS, N. M. A "probabilistic nearest neighbour method for statistical pattern recognition.," Journal of the Royal Statistical Society: Series B (Statistical Methodology), 64.2: pp. 295-306. 2002,   DOI
11 BEYER, Kevin, et al. When is "nearest neighbor," meaningful?. In: Database Theory-ICDT'99. Springer Berlin Heidelberg, pp. 217-235. 1999.
12 Barber, David. "Machine Learning and Pattern Recognition Principal Component Analysis. 2001. 5 August." URL{ http://www.inf.ed.ac.uk/teaching/courses/mlpr/lectures/mlpr-dim-red.pdf}
13 Zhang, Min-Ling, and Zhi-Hua Zhou. "A k-nearest neighbor based algorithm for multi-label classification." Granular Computing, 2005 IEEE International Conference on. Vol. 2. pp.718-721, IEEE, 2005.
14 Hyelim Lee, J. W. Yoon, "Efficient Malware Detector for Android Devices," Korea institute of information security and cryptology, 24(4), pp. 617-624. 2014   DOI
15 Yoon, Ji Won; FRIEL, Nial. "Efficient model selection for probabilistic K nearest neighbour classification." Neurocomputing, 149: pp. 1098-1108. 2015,   DOI
16 FELT, Adrienne Porter, et al. "A survey of mobile malware in the wild." In: Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices. ACM, 2011. pp. 3-14.
17 BOSE, Abhijit, et al. "Behavioral detection of malware on mobile handsets." In: Proceedings of the 6th international conference on Mobile systems, applications, and services. ACM, 2008. pp. 225-238.
18 Jae-sung Yun, Jae-wook Jang, Huy Kang Kim. "Andro-profiler: Anti-malware system based on behavior profiling of mobile malware." Korea institute of information security and cryptology. 2014, 24.1: pp. 145-154.   DOI
19 VENUGOPAL, Deepak; HU, Guoning. "Efficient signature based malware detection on mobile devices.," Mobile Information Systems, 2008, 4.1: pp. 33-49.   DOI
20 PEIRAVIAN, Naser; ZHU, Xingquan. "Machine learning for android malware detection using permission and api calls." In: Tools with Artificial Intelligence (ICTAI), 2013 IEEE 25th International Conference on. IEEE, 2013. pp. 300-305.
21 AUNG, Zarni; ZAW, Win. "Permission-based Android malware detection." International Journal of Scientific and Technology Research, 2013, 2.3: pp. 228-234.