Call for Paper - Upcoming Issues

Enhancing Android Malware Detection: A Grid-Tuned Two-Layered Stacking Approach

International Journal of Electronics and Communication Engineering
© 2024 by SSRG - IJECE Journal
Volume 11 Issue 9
Year of Publication : 2024
Authors : Ravi Eslavath, Upendra Kumar Mummadi
10.14445/23488549/IJECE-V11I9P122
pdf
How to Cite?

Ravi Eslavath, Upendra Kumar Mummadi, "Enhancing Android Malware Detection: A Grid-Tuned Two-Layered Stacking Approach," SSRG International Journal of Electronics and Communication Engineering, vol. 11,  no. 9, pp. 253-269, 2024. Crossref, https://doi.org/10.14445/23488549/IJECE-V11I9P122

Abstract:

Android malware detection is critical for protecting users from cybercrime by automatically identifying potentially harmful applications before they can affect devices. This study explores the efficacy of various machine learning techniques, including ensemble and voting algorithms, for enhancing malware detection. Traditional methods face challenges due to the increasing number of attributes and the dynamic nature of certain features, necessitating more robust solutions. The proposed model addresses these challenges by initially transforming class labels into numerical format and applying normalization to independent attributes, thereby reducing variance and improving computational efficiency. The methodology involves a two-layered stacking approach rather than a single-layer model to minimize the risk of misclassification and improve the handling of unknown malware. At the base level, hyperparameters of traditional classifiers such as SVM, KNN, and Bernoulli Naive Bayes are finely tuned using repeated cross-validation, creating a diverse meta data repository. The stacking classifier employs a voting mechanism that considers all possible true and false classification rates, enhancing predictive accuracy. The next layer (meta classifier-1) utilizes tuned ensemble methods to generate numerical predictions, which are then processed by a final logistic regression layer (meta classifier-2). The proposed model demonstrates a significant improvement, achieving a +0.9% increase in accuracy compared to standalone tuning algorithms, thereby offering a more reliable and efficient approach to Android malware detection. This study utilizes the Drebin dataset, which includes 15,036 samples comprising 5,560 malware and 9,476 benign applications, to evaluate the model's performance.

Keywords:

Bernoulli NB, 2- layered stack, Meta data, Hyperparameters, Malware analysis.

References:

[1] Ivan Dychka et al., “Malware Detection Using Artificial Neural Networks,” Advances in Computer Science for Engineering and Education II, Advances in Intelligent Systems and Computing, vol. 938, pp. 3-12, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[2] Zarni Aung, and Win Zaw, “Permission-Based Android Malware Detection,” International Journal of Scientific & Technology Research, vol. 2, no. 3, pp. 228-234, 2018.
[Google Scholar]
[3] İsmail Atacak, Kazım Kılıç, and İbrahim Alper Doğru, “Android Malware Detection Using Hybrid ANFIS Architecture with Low Computational Cost Convolutional Layers,” PeerJ Computer Science, vol. 8, pp. 1-23, 2022.
[CrossRef] [Google Scholar] [Publisher Link]
[4] Imtiyaz Khan et al., “Secure and Efficient Data Sharing Scheme for Multi-User and Multi-Owner Scenario in Federated Cloud Computing,” Journal of Theoretical and Applied Information Technology, vol. 102, no. 6, pp. 2541-2555, 2024.
[Google Scholar] [Publisher Link]
[5] Min Zhao et al., “AntiMalDroid: An Efficient SVM-Based Malware Detection Framework for Android,” Information Computing and Applications, Communications in Computer and Information Science, vol. 243, pp. 158-166, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[6] Kuruva Laxmanna, K. Lakshmi, and S. Prem Kumar, “Identifying Malwares by Signature Distribution Algorithm in MANET with Assorted Strategy,” International Journal of Computer Engineering in Research Trends, vol. 2, no. 9, pp. 636-639, 2015.
[Google Scholar] [Publisher Link]
[7] Rodney Anthony Raj, and A.R. Chayapathi, “Malware as a Component in Cybercrime: A Survey,” International Journal of Computer Engineering in Research Trends, vol. 4, no. 5, pp. 176-179, 2017.
[Google Scholar] [Publisher Link]
[8] Suleiman Y. Yerima, and Sakir Sezer, “DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection,” IEEE Transactions on Cybernetics, vol. 49, no. 2, pp. 453-466, 2019.
[CrossRef] [Google Scholar] [Publisher Link]
[9] Rishab Agrawal et al., “Android Malware Detection Using Machine Learning,” International Conference on Emerging Trends in Information Technology and Engineering, Vellore, India, pp. 1-4, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[10] Long Wen, and Haiyang Yu, “An Android Malware Detection System Based on Machine Learning,” AIP Conference Proceedings, vol. 1864, no. 1, pp. 1-7, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[11] Nikola Milosevic et al., “Machine Learning Aided Android Malware Classification,” Computers & Electrical Engineering, vol. 61, pp. 266-274, 2017.
[CrossRef] [Google Scholar] [Publisher Link]
[12] K. Thejeswari, K. Sreenivasulu, and B. Sowjanya, “Cyber Threat Security System Using Artificial Intelligence for Android-Operated Mobile Devices,” International Journal of Computer Engineering in Research Trends, vol. 9, no. 12, pp. 275-280, 2022.
[CrossRef] [Publisher Link]
[13] Zhiwu Xu et al., “CDGDroid: Android Malware Detection Based on Deep Learning using CFG and DFG,” Formal Methods and Software Engineering, vol. 11232, pp. 177-193, 2018.
[CrossRef] [Google Scholar] [Publisher Link]
[14] Burak Tahtaci, and Beyzanur Canbay, “Android Malware Detection Using Machine Learning,” Innovations in Intelligent Systems and Applications Conference, Istanbul, Turkey, pp. 1-6, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[15] Arvind Mahindru, and A.L. Sangal, “MLDroid—Framework for Android Malware Detection using Machine Learning Techniques,” Neural Computing and Applications, vol. 33, pp. 5183-5240, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[16] T. Monisha, R. Sridevi, and K.R. Tirumalini, “Detection of Malicious URLs Using Artificial Intelligence,” International Journal of Computer Engineering in Research Trends, vol. 7, no. 8, pp. 6-10, 2020.
[Publisher Link]
[17] Xinning Wang, and Chong Li, “Android Malware Detection through Machine Learning on Kernel Task Structures,” Neurocomputing, vol. 435, pp. 126-150, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[18] Rodney Anthony Raj, and A.R. Chayapathi, “A Honeypot for a Small Network using Raspberry Pi,” International Journal of Computer Engineering in Research Trends, vol. 4, no. 8, pp. 319-324, 2017.
[Publisher Link]
[19] B. Prasanthi, Suresh Pabboju, and D. Vasumathi, “Query Adaptive Hash-Based Image Retrieval in Intent Image Search,” Journal of Theoretical & Applied Information Technology, vol. 93, no. 2, pp. 278-286, 2016.
[Google Scholar] [Publisher Link]
[20] Zhuo Ma et al., “Droidetec: Android Malware Detection and Malicious Code Localization through Deep Learning,” Arxiv, pp. 1-13, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[21] ElMouatez Billah Karbab, and Mourad Debbabi, “PetaDroid: Adaptive Android Malware Detection Using Deep Learning,” Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), Cham: Springer, pp. 319-340, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[22] Vasileios Kouliaridis, and Georgios Kambourakis, “A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection,” Information, vol. 12, no. 5, pp. 1-12, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[23] Mohammed K. Alzaylaee, Suleiman Y. Yerima, and Sakir Sezer, “DL-Droid: Deep Learning-Based Android Malware Detection using Real Devices,” Computers & Security, vol. 89, pp. 1-11, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[24] Tianliang Lu et al., “Android Malware Detection Based on a Hybrid Deep Learning Model,” Security Communication Networks, vol. 2020, no. 1, pp. 1-11, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[25] Omar N. Elayan, and Ahmad M. Mustafa, “Android Malware Detection Using Deep Learning,” Procedia Computer Science, vol. 184, pp. 847-852, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[26] Halil Murat Ünver, and Khaled Bakour, “Android Malware Detection Based on Image-Based Features and Machine Learning Techniques,” SN Applied Sciences, vol. 2, pp. 1-15, 2020.
[CrossRef] [Google Scholar] [Publisher Link]
[27] Stuart Millar et al., “Multi-View Deep Learning for Zero-Day Android Malware Detection,” Journal of Information Security and Applications, vol. 58, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[28] Nadia Daoudi et al., “Lessons Learnt on Reproducibility in Machine Learning Based Android Malware Detection,” Empirical Software Engineering, vol. 26, pp. 1-53, 2021.
[CrossRef] [Google Scholar] [Publisher Link]
[29] Marília Prata, Android Malware LSTM, Kaggle, 2021. [Online]. Available: https://www.kaggle.com/code/mpwolke/android-malware-lstm/input.
[CrossRef] [Google Scholar] [Publisher Link]