Loading [a11y]/accessibility-menu.js
Research Article
BibTex RIS Cite

Ransomware, Spyware, and Trojan Malware Detection for Android Using Machine Learning

Year 2024, Volume: 1 Issue: 1, 1 - 8, 30.09.2024

Abstract

The threat posed by malware has increased with the growth of technology. This makes malware detection a crucial problem. It specifically pertains to the heightened security risks that the underlying programs and their users frequently encounter. On the CIC-MalMem2022 dataset, experiments were executed. KNN, Decision Tree, Random Forest, GaussianNB, and AdaBoost were used for binary classification and multiclass classification. Additionally, the effectiveness of the employed algorithms has been evaluated. The machine learning models were optimized by tuning the hyperparameters. Random Forest and AdaBoost both achieved binary classification accuracy of 99.99%. Optuna Hyperparameter tuning for Random forest based multiclass classification performed with an accuracy of 88.31%.

Thanks

We would like to thank Vishwakarma Institute of Technology, Pune, for providing the ecosystem to work on research project.

References

  • admin@enterpriseappstoday.com. “Enterpriseapp-stoday.” (2010), [Online]. Available: https ://www.enterpriseappstoday.com/stats/android-statistics.html#:~:text=There%20are%203.3%20billion%20Android, The%20latest%20version% 2C%20Android%2012.0. (accessed: 15.05.2024).
  • Z. Yuan, Y. Lu, and Y. Xue, “Droiddetector: Android malware characterization and detection using deep learning,” Tsinghua Science and Technology, vol. 21, no. 1, pp. 114–123, 2016. DOI: 10.1109/TST.2016.7399288.
  • X. Liu, Y. Lin, H. Li, and J. Zhang, “A novel method for malware detection on ml-based visualization tech- nique,” Computers & Security, vol. 89, p. 101 682, 2020.
  • M. Asam, S. J. Hussain, M. Mohatram, et al., “Detection of exceptional malware variants using deep boosted feature spaces and machine learning,” Ap- plied Sciences, vol. 11, no. 21, p. 10 464, 2021.
  • M. Brengel and C. Rossow, “Memscrimper: Time-and space-efficient storage of malware sandbox mem- ory dumps,” in International Conference on Detection of Intrusions and Malware, and Vulnerability Assess- ment, Springer, 2018, pp. 24–45.
  • S. S. H. Shah, A. R. Ahmad, N. Jamil, and A. u. R. Khan, “Memory forensics-based malware detection using computer vision and machine learning,” Electronics, vol. 11, no. 16, p. 2579, 2022.
  • H. Safa, M. Nassar, and W. A. R. Al Orabi, “Bench- marking convolutional and recurrent neural networks for malware classification,” in 2019 15th International Wireless Communications & Mobile Computing Con- ference (IWCMC), IEEE, 2019, pp. 561–566.
  • M. Ahmadi, D. Ulyanov, S. Semenov, M. Trofimov, and G. Giacinto, “Novel feature extraction, selection and fusion for effective malware family classification,” in Proceedings of the sixth ACM conference on data and application security and privacy, 2016, pp. 183– 194.
  • T. Wüchner, M. Ochoa, and A. Pretschner, “Robust and effective malware detection through quantitative data flow graph metrics,” in Detection of Intrusions and Malware, and Vulnerability Assessment: 12th International Conference, DIMVA 2015, Milan, Italy, July 9-10, 2015, Proceedings 12, Springer, 2015, pp. 98–118.
  • Ö. Aslan, M. Ozkan-Okay, and D. Gupta, “Intelli- gent behavior-based malware detection system on cloud computing environment,” IEEE Access, vol. 9, pp. 83 252–83 271, 2021.
  • N. McLaughlin, J. Martinez del Rincon, B. Kang, et al., “Deep android malware detection,” in Proceed- ings of the seventh ACM on conference on data and application security and privacy, 2017, pp. 301–308.
  • R. Vinayakumar, K. Soman, P. Poornachandran, and S. Sachin Kumar, “Detecting android malware using long short-term memory (lstm),” Journal of Intelligent & Fuzzy Systems, vol. 34, no. 3, pp. 1277–1288, 2018.
  • D. Zhu, Y. Ma, T. Xi, and Y. Zhang, “Fsnet: Android malware detection with only one feature,” in 2019 IEEE Symposium on Computers and Communica- tions (ISCC), IEEE, 2019, pp. 1–6.
  • H. Ma, J. Tian, K. Qiu, et al., “Deep-learning–based app sensitive behavior surveillance for android pow- ered cyber–physical systems,” IEEE Transactions on Industrial Informatics, vol. 17, no. 8, pp. 5840–5850, 2020.
  • M. S. Alam and S. T. Vuong, “Random forest classifi- cation for detecting android malware,” in 2013 IEEE international conference on green computing and communications and IEEE Internet of Things and IEEE cyber, physical and social computing, IEEE, 2013, pp. 663–669.
  • T. Carrier, “Detecting obfuscated malware using memory feature engineering,” 2021.
  • T. Carrier., P. Victor., A. Tekeoglu., and A. H. Lashkari., “Detecting obfuscated malware using memory feature engineering,” in Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP, INSTICC, SciTePress, 2022, pp. 177–188, ISBN: 978-989-758-553-1. DOI: 10.5220/0010908200003120.
  • K. M. Han J. Pei J., Data Mining: Concepts and Techniques. 2011.
  • K. Alkhatib and S. Abualigah, “Predictive model for cutting customers migration from , banks: Based on machine learning classification algorithms,” in 2020 11th International Conference on Information and , Communication Systems (ICICS), IEEE, 2020, pp. 303–307.
  • X. Pan, L. Zhu, Y.-X. Fan, and J. Yan, “Predicting protein–rna interaction amino acids using random for- est based on submodularity subset selection,” Computational biology and chemistry, vol. 53, pp. 324– 330, 2014.
  • L. Rokach and O. Maimon, Decision trees." Data mining and knowledge discovery handbook. Springer New York, 2005.
  • N. Ahmed, R. Ahammed, M. M. Islam, et al., “Machine learning based diabetes prediction and devel- opment of smart web application,” International Journal of Cognitive Computing in Engineering, vol. 2, pp. 229–241, 2021.
  • S. Shekhar, A. Bansode, and A. Salim, “A compar- ative study of hyper-parameter optimization tools,” in 2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), IEEE, 2021, pp. 1–6.

Makine Öğrenimini Kullanarak Android için Fidye Yazılımı, Casus Yazılım ve Truva Atı Kötü Amaçlı Yazılım Tespiti

Year 2024, Volume: 1 Issue: 1, 1 - 8, 30.09.2024

Abstract

Teknolojinin gelişmesiyle birlikte kötü amaçlı yazılımların oluşturduğu tehdidin de artış göstermesi kötü amaçlı yazılım tespitini önemli bir sorun haline getirmektedir. Bu da özellikle temel programların ve kullanıcılarının sıklıkla karşılaştığı yüksek güvenlik riskleriyle ilgilidir. CIC-MalMem2022 veri setinde deneyler gerçekleştirildi. İkili sınıflandırma ve çok sınıflı sınıflandırma için KNN, Karar Ağacı, Rastgele Orman, GaussianNB ve AdaBoost kullanıldı. Ayrıca kullanılan algoritmaların etkinliği de değerlendirilmiştir. Makine öğrenimi modelleri, hyperparametreler ayarlanarak optimize edildi. Random Forest ve AdaBoost'un her ikisi de %99,99'luk ikili sınıflandırma doğruluğuna ulaştı. Rastgele orman tabanlı çok sınıflı sınıflandırma için Optuna Hiperparametre ayarı %88,31 doğrulukla gerçekleştirildi.

References

  • admin@enterpriseappstoday.com. “Enterpriseapp-stoday.” (2010), [Online]. Available: https ://www.enterpriseappstoday.com/stats/android-statistics.html#:~:text=There%20are%203.3%20billion%20Android, The%20latest%20version% 2C%20Android%2012.0. (accessed: 15.05.2024).
  • Z. Yuan, Y. Lu, and Y. Xue, “Droiddetector: Android malware characterization and detection using deep learning,” Tsinghua Science and Technology, vol. 21, no. 1, pp. 114–123, 2016. DOI: 10.1109/TST.2016.7399288.
  • X. Liu, Y. Lin, H. Li, and J. Zhang, “A novel method for malware detection on ml-based visualization tech- nique,” Computers & Security, vol. 89, p. 101 682, 2020.
  • M. Asam, S. J. Hussain, M. Mohatram, et al., “Detection of exceptional malware variants using deep boosted feature spaces and machine learning,” Ap- plied Sciences, vol. 11, no. 21, p. 10 464, 2021.
  • M. Brengel and C. Rossow, “Memscrimper: Time-and space-efficient storage of malware sandbox mem- ory dumps,” in International Conference on Detection of Intrusions and Malware, and Vulnerability Assess- ment, Springer, 2018, pp. 24–45.
  • S. S. H. Shah, A. R. Ahmad, N. Jamil, and A. u. R. Khan, “Memory forensics-based malware detection using computer vision and machine learning,” Electronics, vol. 11, no. 16, p. 2579, 2022.
  • H. Safa, M. Nassar, and W. A. R. Al Orabi, “Bench- marking convolutional and recurrent neural networks for malware classification,” in 2019 15th International Wireless Communications & Mobile Computing Con- ference (IWCMC), IEEE, 2019, pp. 561–566.
  • M. Ahmadi, D. Ulyanov, S. Semenov, M. Trofimov, and G. Giacinto, “Novel feature extraction, selection and fusion for effective malware family classification,” in Proceedings of the sixth ACM conference on data and application security and privacy, 2016, pp. 183– 194.
  • T. Wüchner, M. Ochoa, and A. Pretschner, “Robust and effective malware detection through quantitative data flow graph metrics,” in Detection of Intrusions and Malware, and Vulnerability Assessment: 12th International Conference, DIMVA 2015, Milan, Italy, July 9-10, 2015, Proceedings 12, Springer, 2015, pp. 98–118.
  • Ö. Aslan, M. Ozkan-Okay, and D. Gupta, “Intelli- gent behavior-based malware detection system on cloud computing environment,” IEEE Access, vol. 9, pp. 83 252–83 271, 2021.
  • N. McLaughlin, J. Martinez del Rincon, B. Kang, et al., “Deep android malware detection,” in Proceed- ings of the seventh ACM on conference on data and application security and privacy, 2017, pp. 301–308.
  • R. Vinayakumar, K. Soman, P. Poornachandran, and S. Sachin Kumar, “Detecting android malware using long short-term memory (lstm),” Journal of Intelligent & Fuzzy Systems, vol. 34, no. 3, pp. 1277–1288, 2018.
  • D. Zhu, Y. Ma, T. Xi, and Y. Zhang, “Fsnet: Android malware detection with only one feature,” in 2019 IEEE Symposium on Computers and Communica- tions (ISCC), IEEE, 2019, pp. 1–6.
  • H. Ma, J. Tian, K. Qiu, et al., “Deep-learning–based app sensitive behavior surveillance for android pow- ered cyber–physical systems,” IEEE Transactions on Industrial Informatics, vol. 17, no. 8, pp. 5840–5850, 2020.
  • M. S. Alam and S. T. Vuong, “Random forest classifi- cation for detecting android malware,” in 2013 IEEE international conference on green computing and communications and IEEE Internet of Things and IEEE cyber, physical and social computing, IEEE, 2013, pp. 663–669.
  • T. Carrier, “Detecting obfuscated malware using memory feature engineering,” 2021.
  • T. Carrier., P. Victor., A. Tekeoglu., and A. H. Lashkari., “Detecting obfuscated malware using memory feature engineering,” in Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP, INSTICC, SciTePress, 2022, pp. 177–188, ISBN: 978-989-758-553-1. DOI: 10.5220/0010908200003120.
  • K. M. Han J. Pei J., Data Mining: Concepts and Techniques. 2011.
  • K. Alkhatib and S. Abualigah, “Predictive model for cutting customers migration from , banks: Based on machine learning classification algorithms,” in 2020 11th International Conference on Information and , Communication Systems (ICICS), IEEE, 2020, pp. 303–307.
  • X. Pan, L. Zhu, Y.-X. Fan, and J. Yan, “Predicting protein–rna interaction amino acids using random for- est based on submodularity subset selection,” Computational biology and chemistry, vol. 53, pp. 324– 330, 2014.
  • L. Rokach and O. Maimon, Decision trees." Data mining and knowledge discovery handbook. Springer New York, 2005.
  • N. Ahmed, R. Ahammed, M. M. Islam, et al., “Machine learning based diabetes prediction and devel- opment of smart web application,” International Journal of Cognitive Computing in Engineering, vol. 2, pp. 229–241, 2021.
  • S. Shekhar, A. Bansode, and A. Salim, “A compar- ative study of hyper-parameter optimization tools,” in 2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), IEEE, 2021, pp. 1–6.
There are 23 citations in total.

Details

Primary Language English
Subjects System and Network Security, Data and Information Privacy
Journal Section Research Articles
Authors

Swati Shilaskar 0000-0002-1450-2939

Shripad Bhatlawande This is me 0000-0001-8405-9824

Akhil Bhalgat This is me

Niranjan Bharate This is me

Publication Date September 30, 2024
Submission Date February 14, 2024
Acceptance Date May 17, 2024
Published in Issue Year 2024 Volume: 1 Issue: 1

Cite

IEEE S. Shilaskar, S. Bhatlawande, A. Bhalgat, and N. Bharate, “Ransomware, Spyware, and Trojan Malware Detection for Android Using Machine Learning”, ITU JWCC, vol. 1, no. 1, pp. 1–8, 2024.