A Hybrid Model for Android Malware Detection
Vinisha Malik¹, Sandip Kumar Goyal², Naveen Malik³
¹ Vinisha Malik*, PhD Research Scholar, Department of Computer Science & Engineering, Maharishi Markandeshwar (Deemed To Be University), Mullana, Ambala, India.
² Sandip Kumar Goyal, Professor, Department of Computer Science & Engineering, Maharishi Markandeshwar (Deemed To Be University), Mullana, Ambala, India.
³ Naveen Malik, Assistant Professor, Computer Science & Engineering, Dcrust Govt University, Murthal, Sonepat, India.
Manuscript received on September 16, 2019. | Revised Manuscript received on 24 September, 2019. | Manuscript published on October 10, 2019. | PP: 2656-2662 | Volume-8 Issue-12, October 2019. | Retrieval Number: K22500981119/2019©BEIESP | DOI: 10.35940/ijitee.K2250.1081219
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Android malware has risen exponentially over the past few years, posing serious threats such as system damage, financial loss, and mobile botnets. Various techniques have been proposed in the literature for Android malware detection. Some analyze static parameters such as permissions or intents, whereas others focus on dynamic parameters such as network traffic or system calls. Static techniques are relatively easy to implement; however, recent stealthy malware evades static detection by means of update attacks. Dynamic detection can detect such stealthy malware, but it increases the computational overhead. Hence, both kinds of techniques have their own advantages and disadvantages. In this paper, we propose an innovative hybrid detection model that uses both static and dynamic features for malware analysis and detection. We first rank the static and dynamic parameters according to their information gain and then apply machine learning algorithms in the testing phase. The results indicate that the hybrid approach is better than both the static and the dynamic approaches, and the proposed model achieves 94.2% detection accuracy with the Decision Tree classifier.
Keywords: Android Security, Malware Detection, Permissions, Intents, Network Traffic.
Scope of the Article: Network Traffic Characterization and Measurements
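The ranking step named in the abstract, as an added example that is not the authors' code: information gain is computed for each static and dynamic feature over a small labelled set, and the features are sorted by it. The feature names, the eight sample apps and the helper names (`entropy`, `information_gain`, `rank_features`) are constructed for illustration and are not taken from the paper.

```python
import math
from collections import Counter

# Constructed data: feature names and values are illustrative assumptions,
# not the paper's dataset. The first three columns are static features
# (permissions, intents); the last is a dynamic one (network traffic).
FEATURES = ["perm:INTERNET", "perm:SEND_SMS",
            "intent:BOOT_COMPLETED", "net:high_dns_rate"]
# Each row: (feature vector, label) with label 1 = malware, 0 = benign.
APPS = [
    ((1, 1, 1, 1), 1),
    ((1, 1, 1, 1), 1),
    ((1, 1, 0, 1), 1),
    ((1, 0, 0, 1), 1),  # clean static profile; only runtime traffic differs
    ((1, 0, 1, 0), 0),
    ((1, 0, 0, 0), 0),
    ((1, 0, 0, 0), 0),
    ((1, 0, 0, 0), 0),
]

def entropy(labels):
    """Shannon entropy (bits) of a list of class labels."""
    n = len(labels)
    if n == 0:
        return 0.0
    return -sum((c / n) * math.log2(c / n) for c in Counter(labels).values())

def information_gain(apps, idx):
    """H(label) - H(label | feature at column idx)."""
    labels = [y for _, y in apps]
    remainder = 0.0
    for value in {x[idx] for x, _ in apps}:
        subset = [y for x, y in apps if x[idx] == value]
        remainder += len(subset) / len(labels) * entropy(subset)
    return entropy(labels) - remainder

def rank_features(apps, names):
    """Return (name, gain) pairs, highest information gain first."""
    scored = [(n, information_gain(apps, i)) for i, n in enumerate(names)]
    return sorted(scored, key=lambda t: (-t[1], t[0]))

if __name__ == "__main__":
    for name, gain in rank_features(APPS, FEATURES):
        print(f"{gain:.4f}  {name}")
```

On this constructed set the dynamic feature ranks first and a permission that every app requests scores zero, which is the kind of signal a hybrid feature set exposes to the classifier.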