Abstract

In recent decades, mobile apps have been increasingly used in several application fields, for purposes involving a high number of human activities. Unfortunately, the number of cyber-attacks related to mobile platforms is also increasing day by day. Although advances in Artificial Intelligence have allowed many aspects of the problem to be addressed, malware classification tasks are still challenging. For this reason, this paper proposes new special features, called permission maps (Perm-Maps), which combine information related to the Android permissions and their corresponding severity levels. Such features have proven to be very effective in classifying different malware families through the usage of a convolutional neural network. The advantages introduced by the Perm-Maps have also been enhanced by a training process based on a federated logic. Experimental results show that the proposed approach achieves up to a 3% improvement in average accuracy with respect to J48 trees and Naive Bayes classifier, and up to 16% compared to multi-layer perceptron classifier. Furthermore, the combined use of Perm-Maps and federated logic allows dealing with unbalanced training datasets with low computational efforts.

Highlights

  • Since Android-based devices are used by thousands of end users every year, more and more malicious applications are continuously developed by cyber-criminals in order to steal sensitive information and conduct hostile activities.

  • To face this security trend and support researchers in addressing malware detection tasks, several approaches based on machine learning (ML) and deep learning (DL) have proved to be effective against many aspects of Android threats, especially when combined with static and dynamic features directly extracted from mobile apps [16, 21, 31].

  • Since the number of employed permissions is 298, the final goal is to explore a feature extraction technique, based on the most frequent Android permissions, in order to reduce the computational effort required by the generation and training processes of the Perm-Map and CNN, respectively.


Summary

Introduction

Since Android-based devices are used by thousands of end users every year, more and more malicious applications are continuously developed by cyber-criminals in order to steal sensitive information and conduct hostile activities. Many state-of-the-art approaches suffer from problems related to their dynamic re-training, as well as the updating of training datasets. To address these issues, in this paper, we propose new special features, called permission maps (Perm-Maps), which combine information related to the Android permissions and their corresponding severity levels. Such features are employed to classify different malware families through the usage of a convolutional neural network. To reduce the computational effort required by the Perm-Maps generation and CNN training processes, respectively, we investigate a feature selection technique based on the most frequent Android permissions.

Related works
Permission’s overview
Perm-Map creation workflow
Model creation process
Model update process
Experimental results
UMD cleaning
Proposed network and evaluation metrics
Achieved results
Feature selection process
Conclusions and future works