Enhancing Android Security: Analyzing Feature Sets in CICAndMal2017 and DroidFussion Datasets
Keywords:
Android dataset, Android Malware, Machine learning, Network-flow features
Abstract
Because of the popularity of Android devices, many attackers spend a great deal of time and resources creating malicious applications aimed at breaching the security of Android devices. Researchers, on the other hand, have not relented in seeking better ways of curbing attacks on Android devices. In order to achieve an efficient solution, researchers need large datasets to evaluate their solutions. Generating relevant data for this purpose is, however, not an easy task; for this reason, several researchers rely on existing datasets.
In this paper, we evaluated the relevance of the feature sets found in the CICAndMal2017 and DroidFussion datasets. During our study, we discovered that the DroidFussion dataset has a higher variance and proved positive on some other parameters tested, and as a result performed better. Results from the Random Forest classifier indicate that the Droid dataset achieved 90.0% precision, while CICAndMal2017 achieved as low as 63% precision when tested under the same conditions.
Licence
Open access and copyright policy
The journal offers open access to its contents under the non-exclusive Creative Commons license (CC BY 4.0). Thus, the authors are required to agree with that policy. In this regard, authors will be asked to complete a submission card with a copyright transfer agreement that specifies detailed descriptions of the copyright transfer. The submission card is provided via email before the publication.
Publication fee
IJSSASS is a self-funded journal. For this reason, the journal charges a publication fee. The current publication fee is provided on the journal's website in the section Instruction for authors. Thus, the publication fee that is required for manuscript processing is clearly stated on our website.
