Research Article

Classification of Android Malware by Category and Family Using Deep Learning

Year 2021, Volume: 11 Issue: 2, 41 - 46, 26.07.2021
https://doi.org/10.35354/tbed.948849

Abstract

Android, the most widely used mobile platform, has also become the biggest target of mobile malware. The number and variety of Android malware are increasing day by day. Given this, identifying malware categories and families will make the work of malware analysts easier. Instead of examining malware that exhibits similar behavior, analysts will be able to focus their efforts on examining new samples. In this study, the portion of the ICInvesAndMal2019 Android malware dataset that contains features obtained through dynamic analysis was used. With this dataset, Android malware was classified by category and by family. Deep Neural Networks (DNN) were used for the classification. Classification with the resulting model reached an accuracy of 85% when classifying Android malware by category and 62% when classifying Android malware by family.

There are 34 citations in total.

Details

Primary Language Turkish
Subjects Engineering
Journal Section Articles
Authors

Mahmut Tokmak 0000-0003-0632-4308

Publication Date July 26, 2021
Published in Issue Year 2021 Volume: 11 Issue: 2

Cite

APA Tokmak, M. (2021). Android Zararlı Yazılımlarının Derin Öğrenme ile Kategorilerine ve Ailelerine Göre Sınıflandırılması [Classification of Android malware by category and family using deep learning]. Teknik Bilimler Dergisi, 11(2), 41-46. https://doi.org/10.35354/tbed.948849