HybriDroid: an empirical analysis on effective malware detection model developed using ensemble methods

Abstract

Malware detection from the smartphone has become a challenging issue for academicians and researchers. In this research paper, we applied five distinct machine learning algorithms and three different ensemble methods to develop a model for detecting malware from an Android-based smartphone. In this study, we proposed a framework that helps in selecting the right sets of the feature with an aim to improve the performance of the malware detection models. The proposed malware detection framework is then validated by considering two distinct performance parameters, i.e., accuracy and F-measure as a benchmark to detect malware from real-world apps. We performed an empirical study on thirty different categories of Android apps. The experimental data set consists of 1,94,659 benign apps and 67,538 malware apps that are collected from different promised repositories. Empirical results reveal that the models developed by using the proposed feature selection framework are able to detect more malware-infected apps when compared to all extracted feature sets. Moreover, the malware detection model build by using nonlinear ensemble decision tree forest (NDTF) approach is achieved a detection rate of 98.8%. In addition to that, the proposed malware detection framework is more effective in detecting malware-infected apps as compared to different anti-virus scanners and different frameworks or approaches developed in the literature.