Detection of malicious Android applications using Ontology-based intelligent model in mobile cloud environment

Abstract

Mobile Cloud Computing (MCC) is a computing model that makes mobile devices resourceful by executing mobile applications (apps) in the cloud and storing data in cloud servers. MCC faces several security threats in both the Cloud and Mobile environments. Among several threats, malicious apps are the most threatening ones, because they can perform various malicious activities in both environments. The traditional malware detection methods may not detect new types of malware or rapidly changing malware behavior. So, there is a need to develop an accurate model for detecting malicious apps in the MCC environment. Scalability and Knowledge Reusability are challenging issues in existing detection methods. To overcome these issues, the proposed model uses an effective Ontology-based intelligent model based on app permissions to detect malware apps. This model extracts the relationship between the static features from the apps and builds an Apps Feature Ontology (AFO). A concept vector set for apps is created using the items obtained from the AFO. The most discriminant features are selected using optimization algorithms like Particle Swarm Optimization, Social Spider Algorithm (SSA), and Gravitational Search Algorithm to reduce the dimension of the concept vector set. Various classifiers are applied to the reduced set. The efficiency of the proposed approach was evaluated on datasets obtained from the AndroZoo repository and VirusShare. The experimental results reveal that the proposed model can correctly detect malware using the Random Forest (RF) classifier with SSA and achieve higher detection accuracy with the lesser fall-out and less detection speed than existing Android malware detection techniques. Specifically, RF with SSA obtained higher accuracy, F1-score, and reduction in the fall-out of 94.11%, 93%, and 3%, respectively.