R-MF Droid: Android Malware Detection using Ranked Manifest File Components
Kartik Khariwal1, Rishabh Gupta2, Jatin Singh3, Anshul Arora4
1Kartik Khariwal*, Discipline of Mathematics and Computing, Department of Applied Mathematics, Delhi Technological University, Delhi, India.
2Rishabh Gupta, Discipline of Mathematics and Computing, Department of Applied Mathematics, Delhi Technological University, Delhi, India.
3Jatin Singh, Discipline of Mathematics and Computing, Department of Applied Mathematics, Delhi Technological University, Delhi, India.
4Anshul Arora, Discipline of Mathematics and Computing, Department of Applied Mathematics, Delhi Technological University, Delhi, India.
Manuscript received on May 11, 2021. | Revised Manuscript received on May 17, 2021. | Manuscript published on May 30, 2021. | PP: 55-64 | Volume-10 Issue-7, May 2021 | Retrieval Number: 100.1/ijitee.G89510510721| DOI: 10.35940/ijitee.G8951.0510721
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: With the increasing fame of Android OS over the past few years, the quantity of malware assaults on Android has additionally expanded. In the year 2018, around 28 million malicious applications were found on the Android platform and these malicious apps were capable of causing huge financial losses and information leakage. Such threats, caused due to these malicious apps, call for a proper detection system for Android malware. There exist some research works that aim to study static manifest components for malware detection. However, to the best of our knowledge, none of the previous research works have aimed to find the best set amongst different manifest file components for malware detection. In this work, we focus on identifying the best feature set from manifest file components (Permissions, Intents, Hardware Components, Activities, Services, Broadcast Receivers, and Content Providers) that could give better detection accuracy. We apply Information Gain to rank the manifest file components intending to find the best set of components that can better classify between malware applications and benign applications. We put forward a novel algorithm to find the best feature set by using various machine learning classifiers like SVM, XGBoost, and Random Forest along with deep learning techniques like classification using Neural networks. The experimental results highlight that the best set obtained from the proposed algorithm consisted of 25 features, i.e., 5 Permissions, 2 Intents, 9 Activities, 3 Content Providers, 4 Hardware Components, 1 Service, and 1 Broadcast Receiver. The SVM classifier gave the highest classification accuracy of 96.93% and an F1-Score of 0.97 with this best set of 25 features.
Keywords: Android Security, Machine Learning, Malware Detection, Manifest File Components, Mobile Malware, Static Solution.