Evaluation of Feature Selection Algorithm for Android Malware Detection

  • Authors

    • Nurul Hidayah Mazlan
    • Isredza Rahmi A Hamid
    2018-12-09
    https://doi.org/10.14419/ijet.v7i4.31.23387
  • Android malware, Detection, Term Frequency-Inverse Document Frequency (TF-IDF).
  • This paper synthesizes an evaluation of feature selection algorithm by utilizing Term Frequency Inverse Document Frequency (TF-IDF) as the main algorithm in Android malware detection. The Android features were filtered before detection process using TF-IDF algorithm. However, IDF is unaware to the training class labels and give incorrect weight value to some features. Therefore, the proposed approach modified the TF-IDF algorithm, where the algorithm focused on both sample and feature. Proposed algorithm applied considers the feature based on its level of importance. The related best features in the sample are selected using weight and priority ranking process. This increases the effect of important malware features selected in the Android application sample. These experiments are conducted on a sample collected from DREBIN dataset. The comparison between existing TF-IDF algorithm and modified TF-IDF (MTF-IDF) algorithm have been tested in various conditions such as different number of sample, different number of feature and combination of different types of feature. The analysis results show feature selection using MTF-IDF can improve malware detection analysis. MTF-IDF proved either using various kinds of feature or various kinds of dataset size, algorithm still effective for Android malware detection. MTF-IDF algorithm also proved that it could give appropriate scaling for all features in analyzing Android malware detection.

     

     
  • References

    1. [1] J. Jang, J. Yun, A. Mohaisen, J. Woo, and H. K. Kim, “Detecting and Classifying Method Based on Similarity Matching of Android Malware Behavior with Profile,†Springerplus, vol. 5, no. 1, p. 1, 2016.

      [2] M. Sokolova, N. Japkowicz, and S. Szpakowicz, “Beyond Accuracy, F-score and ROC: A Family of Discriminant Measures for Performance Evaluation,†2006.

      [3] A. Feizollah, N. B. Anuar, R. Salleh, and A. W. A. Wahab, “A review on feature selection in mobile malware detection,†Digital Investigation. 2015.

      [4] S. Y. Yerima, S. Sezer, and I. Muttik, “High Accuracy Android Malware Detection Using Ensemble Learning.,†IET Inf. Secur., 2015.

      [5] A. Bhattacharya and R. T. Goswami, “Comparative Analysis of Different Feature Ranking Techniques in Data Mining-Based Android Malware Detection,†in Proceedings of the 5th International Conference on Frontiers in Intelligent Computing: Theory and Applications : FICTA 2016, Volume 1, S. C. Satapathy, V. Bhateja, S. K. Udgata, and P. K. Pattnaik, Eds. Singapore: Springer Singapore, 2017, pp. 39–49.

      [6] N. H. Mazlan and I. R. A. Hamid, “Using Weighted Based Feature Selection Technique for Android Malware Detection,†in Mobile and Wireless Technologies 2017, 2018, pp. 54–64.

      [7] G. Forman, “BNS Feature Scaling: An Improved Representation Over TF-IDF for SVM Text Classification,†Proc. 17th ACM Conf. Inf. Knowl. Manag., 2008.

      [8] A. Shabtai, R. Moskovitch, Y. Elovici, and C. Glezer, “Detection of Malicious Code by Applying Machine Learning Classifiers on Static Features: A state-of-the-art survey,†Inf. Secur. Tech. Rep., vol. 14, no. 1, pp. 16–29, 2009.

      [9] W. Li, J. Ge, and G. Dai, “Detecting Malware for Android Platform: An SVM-Based Approach,†in Proceedings - 2nd IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2015 - IEEE International Symposium of Smart Cloud, IEEE SSC 2015, 2016.

      [10] D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, and K. Rieck, “DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket.,†in NDSS, 2014.

      [11] L. Breiman, “Random Forests,†Mach. Learn., vol. 45, no. 1, pp. 5–32, 2001.

      [12] R. Tian, “An Integrated Malware Detection and Classification System,†2011.

      [13] N. Peiravian and X. Zhu, “Machine Learning for Android Malware Detection Using Permission and API Calls,†in 2013 IEEE 25th International Conference on Tools with Artificial Intelligence, 2013, pp. 300–305.

      [14] M. Hall, E. Frank, G. Holmes, B. Pfahringer, P. Reutemann, and I. H. Witten, “The WEKA Data Mining Software: An Update,†ACM SIGKDD Explor. Newsl., vol. 11, no. 1, pp. 10–18, 2009.

      [15] V. M. V, P. Vinod, and D. K. A, “Heterogeneous Feature Space for Android Malware Detection,†Eighth International Conference on Contemporary Computing, {IC3} 2015, Noida, India, August 20-22, 2015. pp. 383–388, 2015.

      [16] Android Developers, “Permissions,†https://developer.android.com/index.html, 2016. [Online]. Available: https://developer.android.com/guide/topics/permissions/index.html. [Accessed: 22-Dec-2016].

      [17] I. R. A. Hamid and J. H. Abawajy, “An Approach for Profiling Phishing Activities,†Comput. Secur., 2014.

  • Downloads

  • How to Cite

    Hidayah Mazlan, N., & Rahmi A Hamid, I. (2018). Evaluation of Feature Selection Algorithm for Android Malware Detection. International Journal of Engineering & Technology, 7(4.31), 311-315. https://doi.org/10.14419/ijet.v7i4.31.23387