Abstract

As the number of Android malware applications continues to grow at a high rate, detecting malware to protect the system security and user privacy is becoming increasingly urgent. Each malware application belongs to a specific family, and there is a gap in the number of malware families. The accuracy of detection can be improved if malware family information is well utilized and certain strategies are adopted to balance the variability among samples. In addition, the performance of a base classifier is limited. If an ensemble classifier or an ensemble method can be adopted, the detection effect can be further improved. Therefore, this paper proposes a novel malware family-based bagging algorithm for Android malware detection, called FB2Droid, to perform malware detection. First, five features are extracted from the Android application package. Then, the relief feature selection algorithm is used for feature selection. Next, we designed two different sampling strategies based on different families of malware to alleviate the sample imbalance in the dataset. Combined with the two sampling strategies, the traditional bagging algorithm is improved to integrate the classifier. In the experiment, several classifiers were used to evaluate the proposed scheme. The experimental results show that the proposed sampling strategy and the improved bagging algorithm can effectively improve the detection accuracy of these classifiers.

Highlights

  • In recent years, the Android operating system has developed rapidly and has been the most widely used smartphone operating system

  • The group with the worst results is selected from the results shown above and compared with the existing ensemble classifiers, such as random forest (RF), gradient boosting decision tree (GBDT), and AdaBoost

  • A novel malware family-based bagging ensemble method (FB2) and Android malware detection scheme (FB2Droid) were proposed in this paper. This detection scheme consists of the following steps


Summary

Introduction

The Android operating system has developed rapidly and has been the most widely used smartphone operating system. According to different feature extraction methods, Android malware detection can be divided into static analysis and dynamic analysis. Therefore, to address the above issues, this paper proposes a novel malware family-based bagging algorithm for Android malware detection. The experimental results show that the detection accuracy and F-score of malware are improved by 2.3% and 2.0% by using the proposed ensemble scheme based on some common classifiers. (3) The designed sampling strategies take into account the imbalance between the malware families, can effectively alleviate the imbalance within the class, and fully take care of each malicious family. (4) We designed and carried out a number of experiments and presented a wealth of experimental results.
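The effect of family-aware sampling on a bagged detector can be seen in a small added example, which is not code from the paper. The summary does not spell out the two sampling strategies, so the equal-draws-per-family rule, the nearest-centroid base classifier and the feature vectors below are all assumptions constructed for illustration.

```python
import random
from collections import Counter, defaultdict

def plain_bag(samples, rng):
    """Classic bagging: uniform bootstrap over the whole training set."""
    return [rng.choice(samples) for _ in samples]

def family_balanced_bag(samples, rng):
    """Assumed strategy: every malware family gets the same number of draws
    (with replacement); benign draws match the malware total."""
    by_family, benign = defaultdict(list), []
    for s in samples:  # s = (features, label, family); label 1 = malware
        (by_family[s[2]] if s[1] == 1 else benign).append(s)
    per_family = max(1, sum(map(len, by_family.values())) // len(by_family))
    bag = [rng.choice(m) for m in by_family.values() for _ in range(per_family)]
    return bag + [rng.choice(benign) for _ in range(len(bag))]

def train_centroid(bag):
    """Toy base classifier (stand-in for a real one): per-class mean vector."""
    sums, counts = {}, Counter()
    for x, y, _ in bag:
        acc = sums.setdefault(y, [0.0] * len(x))
        for i, v in enumerate(x):
            acc[i] += v
        counts[y] += 1
    return {y: [v / counts[y] for v in acc] for y, acc in sums.items()}

def predict(models, x):
    """Majority vote over the bagged models; each picks the nearest centroid."""
    def one(model):
        return min(model, key=lambda y: sum((a - b) ** 2 for a, b in zip(x, model[y])))
    return Counter(one(m) for m in models).most_common(1)[0][0]

def demo(sampler, seed=7, n_bags=11):
    rng = random.Random(seed)
    # Constructed data: family "A" dominates, family "B" has only 3 samples.
    data = ([([1, 1, 0, 0], 1, "A")] * 40 + [([0, 0, 1, 1], 1, "B")] * 3
            + [([0, 0, 0, 0], 0, None)] * 40)
    models = [train_centroid(sampler(data, rng)) for _ in range(n_bags)]
    # Classify a rare-family sample, a common-family sample, and a benign app.
    return [predict(models, x) for x in ([0, 0, 1, 1], [1, 1, 0, 0], [0, 0, 0, 0])]

if __name__ == "__main__":
    print("plain bootstrap :", demo(plain_bag))
    print("family-balanced :", demo(family_balanced_bag))
```

With the uniform bootstrap the dominant family pulls the malware centroid away from the rare family, so the rare-family sample is voted benign; the family-balanced bags keep it on the malware side.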

Related Work
Feature Extraction and Selection
Ensemble Detection Scheme
Evaluation
Results
Conclusion