Bat optimization algorithm for wrapper‐based feature selection and performance improvement of android malware detection

Abstract

Android malware is a serious threat to the mobile users and their data. The losses incurred are unimaginable, which stretch to the extent of identity theft, financial loss, sensitive information loss, espionage, sabotage, cyber fraud, to mention a few. Android application's permission attributes can be analysed for malware detection using machine learning. However, the high-dimensional permission attributes are the bottleneck in designing optimized malware detection system. Identification of useful permission attributes is an NP-hard problem. Bat Optimization Algorithm for Wrapper-based Feature Selection (BOAWFS) is proposed in this article and evaluated on the CICInvesAndMal2019 benchmark dataset. The performance of BOAWFS is also compared with that of Cuckoo Search Optimization for Wrapper-based Feature Selection (CSOWFS) and Grey Wolf Optimization for Wrapper-based Feature Selection (GWOWFS). Five classifiers, Random Forest (RF), Support Vector Machines (SVMs), K-Nearest Neighbour (KNN), Decision Tree (DT), and Nearest Centroid (NC) are compared for wrapper feature selection. BOAWFS outperformed consistently with all the five classifiers. With 200 agents and 100 iterations, the BOAWFS-DT outperformed with 93.73% accuracy after reducing the features to 518 from 4115. The considerable contribution of BOAWFS is that a 1.67% improvement in accuracy with 87.41% redundancy removal in features is achieved for the very high-dimensional permission-based android malware dataset.