Abstract
The Android operating system has gained popularity and evolved rapidly since the previous decade. Traditional approaches such as static and dynamic malware identification techniques require a lot of human intervention and resources to design the malware classification model. The real challenge is that inspecting all files of the application structure leads to high processing time, more storage, and manual effort. To solve these problems, optimization algorithms and deep learning have recently been tested for mitigating malware attacks. This manuscript proposes Summing of neurAl aRchitecture and VisualizatiOn Technology for Android Malware identification (SARVOTAM). The system converts the non-intuitive features of malware into fingerprint images to extract quality information. A fine-tuned Convolutional Neural Network (CNN) is used to automatically extract rich features from the visualized malware, thus eliminating the cost of feature engineering and domain experts. The experiments were done using the DREBIN dataset. A total of fifteen different combinations of the Android malware image sections were used to identify and classify Android malware. The softmax layer of the CNN was substituted with machine learning algorithms, namely K-Nearest Neighbor (KNN), Support Vector Machine (SVM), and Random Forest (RF), to analyze the grayscale malware images. The CNN-SVM model outperformed the original CNN as well as CNN-KNN and CNN-RF. The classification results showed that our method is able to achieve an accuracy of 92.59% using Android certificates and manifest malware images. This paper presents a lightweight and more precise option for malware identification.
Highlights
Any software with mala fide intention is malware
This manuscript concludes that the certificate and Android manifest (CR+AM) are the most suitable features for malware identification and classification
The softmax layer of Convolutional Neural Network (CNN) was augmented for classification purposes using Support Vector Machine (SVM), K-Nearest Neighbor (KNN) and Random Forest (RF)
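As an added illustration (not the paper's code) of the certificate and manifest (CR+AM) fingerprint idea, this sketch pulls those two sections out of an APK and maps each byte to one grayscale pixel. The image width of 64, the zero padding, the section order and the in-memory sample APK are assumptions made here; the page does not specify them.

```python
import io
import zipfile

WIDTH = 64  # assumed image width in pixels; the page does not give one
CERT_EXT = (".RSA", ".DSA", ".EC")  # v1 (JAR) signature blocks under META-INF/


def build_sample_apk():
    """Constructed stand-in for an APK: a zip holding the sections of interest."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", bytes(range(256)) * 2)  # 512 bytes
        z.writestr("META-INF/CERT.RSA", b"\x30\x82" + b"\xab" * 98)  # 100 bytes
        z.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 64)  # not used
    return buf.getvalue()


def select_cr_am(apk):
    """Return certificate bytes followed by manifest bytes (CR+AM)."""
    with zipfile.ZipFile(io.BytesIO(apk)) as z:
        names = z.namelist()
        certs = sorted(n for n in names if n.startswith("META-INF/")
                       and n.upper().endswith(CERT_EXT))
        if "AndroidManifest.xml" not in names or not certs:
            raise ValueError("no manifest or no v1 signature block in APK")
        return b"".join(z.read(n) for n in certs) + z.read("AndroidManifest.xml")


def to_grayscale(data, width=WIDTH):
    """One byte becomes one pixel (0-255); the last row is zero-padded."""
    if not data:
        raise ValueError("nothing to visualize")
    padded = data + b"\x00" * (-len(data) % width)
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]


def to_pgm(pixels):
    """Serialize rows as binary PGM (P5), a format image loaders can read."""
    header = b"P5\n%d %d\n255\n" % (len(pixels[0]), len(pixels))
    return header + bytes(p for row in pixels for p in row)


if __name__ == "__main__":
    image = to_grayscale(select_cr_am(build_sample_apk()))
    print(len(image), "rows x", len(image[0]), "columns")
```

The resulting rows can be written out with `to_pgm` and fed to whatever image pipeline feeds the classifier; APKs signed only with the v2 or later schemes carry no `META-INF` signature block and raise `ValueError` here.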
Summary
Any software with mala fide intention is malware (malicious software). Such software generally behaves mischievously and is developed to interrupt normal functioning, steal sensitive information, display unwanted advertising, or gain control of users' devices without their knowledge. Malware and unintentionally harmful software are collectively termed badware. Malware systems have evolved to be more intelligent, smart, and decisive. Developed malware is sophisticated enough to obstruct emulators and avoid deep static analysis. Malware propagates by deploying metamorphism methods like multi-packer, code transformation, encryption, registry modification, virtual machines, anti-debugging, and instruction permutation. Malware is smart enough to detect the best moment to launch its

Sensors 2020, 20, 7013; doi:10.3390/s20247013 www.mdpi.com/journal/sensors