Malware Detection in Android Using Data Mining

Malware Detection in Android Using Data Mining

Suparna Dasgupta (JIS College of Engineering, Kalyani, India), Soumyabrata Saha (JIS College of Engineering, Kalyani, India) and Suman Kumar Das (JIS College of Engineering, Kalyani, India)
Copyright: © 2017 |Pages: 17
DOI: 10.4018/IJNCR.2017070101

Abstract

This article describes how as day-to-day Android users are increasing, the Internet has become the type of environment preferred by attackers to inject malicious packages. This is content with the intention of gathering critical information, spying on user details, credentials, call logs, contact details, and tracking user location. Regrettably it is very hard to detect malware even with antivirus software/packages. In addition, this type of attack is increasing day by day. In this article the authors have chosen a Supervised Learning Classification Tree-based algorithm to detect malware on the data set. Comparison amongst all the classifiers on the basis of accuracy and execution time are used to build the classifier model which has the highest executed detections.
Article Preview

Introduction

The term ‘Malware’ (Kramer & Bradfield, 2010) an acronym for malicious software which contains unwanted and malicious codes, contents, scripts intentionally designed or developed for gathering information that causes loss of user’s privacy or even exploitation, gaining unauthorized access into the system etc. It usually occurs when any users unwittingly install software or packages from untrusted sites or unknown sources or even when a user unknowingly clicks on unknown URL's leads to installation of Malware into their system. There are many types of malware, so it is very imperative to identify the malware according to its types as the malwares increase day by day irrespective of the user platforms i.e. whether it is Windows / Macintosh / Android or whatever and are a threat to the security of the network. The term Malware is a broader aspect and includes several scripts or malicious codes or programs and is classified into several categories (Gupta, 2013) like: adware, bots, bugs, rootkit, spyware, Trojan horses, viruses and worms, and these schemes have presented in background section. Figure 1 (Lueg, 2017) shows increased in volume of new android malware samples from year 2012 to first quarter of year 2017.

Figure 1.

Increased in volume of new android malware samples from year 2012 to first quarter of 2017

From the report, it is evidenced that the malware for the Android platform is increasing enormously in large quantities, so, to stay secure an adequate detection and analysis of malware must be carried out. On the other hand, data mining (Silwattananusarn & Tuwamsuk, 2012) is the technique that uses computational intelligence that acts on large data sets or databases to find the relationship between attributes can be used for classification tasks or can even be used to make predictions. Malware is generally detected and analyzed using two approaches, a) Static Malware Analysis (Uppal, Mehra & Verma, 2009) b) Dynamic Malware Analysis (Egele, Scholte, Kirda & Kruegel, 2012), description of both are mentioned in this paper. In this work authors have used dynamic malware detection based approach and in addition have used classification tree based data mining technique namely Decision Stump (Kohavi, 1995), J48 Decision Tree (Quinlan, 1993) and Random Tree (Brieman, 2001) to identify malware and non-malware/benign executing or running in the system based on certain feature and properties.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 8: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 7: 4 Issues (2018): 2 Released, 2 Forthcoming
Volume 6: 2 Issues (2017)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing