Modeling A Malware Detection and Categorization System Based on Seven Network Flow-Based Features
Joshua Sopuru1, Arif Sari2, Murat Akkaya3

1Joshua Sopuru, Department of Management Information Systems, The American University.
2Arif Sari, Department of Management Information Systems, The American University.
3Murat Akkaya, Department of Management Information Systems, The American University

Manuscript received on 01 May 2019 | Revised Manuscript received on 15 May 2019 | Manuscript published on 30 May 2019 | PP: 2982-2989 | Volume-8 Issue-7, May 2019 | Retrieval Number: G6289058719/19©BEIESP
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (

Abstract: Although several models have been developed for detecting and categorizing malicious Android applications, most network-based frameworks utilize long lists of network features to achieve an average classification accuracy (85.09%), and precision (89.10%). Our proposed model streamlines these lists to seven network flow-based features and achieved an average classification accuracy of (93.62%), success rate (92.68%), and a false positive (0.083). Experiments were carried out to evaluate the performance of three machine learning algorithms (Naive Bayes, J48 and, Random Forest) thereby identifying the best learner(s). Different sizes of training data were also considered for different experiments in other to evaluate learning rates based on different data size. At the end of our experiments, we identified seven top network flow-based features that can be used to effectively detect and categorize android malware.
Keyword: Network Flow-Based Features, Machine Learning, Android Malware, Malware Detection and Classification, Malware Family.
Scope of the Article: Social Networks