Abstract
Android devices are very popular because of their availability at reasonable prices. However, there is a rapid rise of malware applications in Android platform in the recent past years due to its security vulnerabilities. The existing static malware detection mechanisms can locate malicious components associated with the source code of an application and dynamic analysis can identify exploits in the runtime environment. Hence, the advantages of both static and dynamic mechanisms need to be combined to form a hybrid analysis mechanism for achieving better accuracy in malware detection. The existing machine learning based hybrid malware analysis mechanisms do not check the interdependency of static and dynamic features used in their machine learning classifiers. This interdependency can lead to multicollinearity problem which can affect the classifier’s performance. Hence, in this paper we propose a novel TAN (Tree Augmented naive Bayes) based hybrid malware detection mechanism by employing the conditional dependencies among relevant static and dynamic features (API calls, permissions and system calls) which are required for the functionality of an application. We trained three ridge regularized logistic regression classifiers corresponding to API calls, permission and system calls of an application and modeled their output relationships as a TAN (Tree Augmented naive Bayes) for identifying whether the application is malicious or not. The experimental results show that the proposed mechanism can detect malicious applications over a long period with an accuracy of 0.97.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.