Abstract
<p>Android operating system has become very popular, with the highest market share, amongst all other mobile operating systems due to its open source nature and users friendliness. This has brought about an uncontrolled rise in malicious applications targeting the Android platform. Emerging trends of Android malware are employing highly sophisticated detection and analysis avoidance techniques such that the traditional signature-based detection methods have become less potent in their ability to detect new and unknown malware. Alternative approaches, such as the Machine learning techniques have taken the lead for timely zero-day anomaly detections. The study aimed at developing an optimized Android malware detection model using ensemble learning technique. Random Forest, Support Vector Machine, and k-Nearest Neighbours were used to develop three distinct base models and their predictive results were further combined using Majority Vote combination function to produce an ensemble model. Reverse engineering procedure was employed to extract static features from large repository of malware samples and benign applications. WEKA 3.8.2 data mining suite was used to perform all the learning experiments. The results showed that Random Forest had a true positive rate of 97.9%, a false positive rate of 1.9% and was able to correctly classify instances with 98%, making it a strong base model. The ensemble model had a true positive rate of 98.1%, false positive rate of 1.8% and was able to correctly classify instances with 98.16%. The finding shows that, although the base learners had good detection results, the ensemble learner produced a better optimized detection model compared with the performances of those of the base learners.</p>
Highlights
Hand held devices have become very critical part of human lives and they play very crucial part in the economy
The tabular comparison of the results show that Random Forest turns out as the best performing base-learner given that it has a very low false positive rate of 1.9% and an error rate of 0.2% and has the highest ROC Area of 99.8%. k-Nearest Neighbours (k-NN) recorded a very strong competitive performance with Random Forest. k-NN has the lowest False Positive Rate (FPR) of 0.8% and a highest precision of 99.1%
The Majority Vote combination rule produced a true positive detection rate of 98.1% which is relatively an improvement in the detection accuracy compared to 97.9% detection rate obtained by the best single classifier, Random Forest
Summary
Hand held devices have become very critical part of human lives and they play very crucial part in the economy. The rapid increase of the Android systems in the economy is supported by the open source nature of the platform This has drawn lots of attentions to the platform from both legitimate (innocent) and illegitimate (malicious) users. Have especially seen this as an opportunity to exploit the users of these devices through cyber thefts and other devastating attacks [2]. These mischievous developers are releasing Android malware into the economy at an exponential rate [3] and research has shown that, in the second quarter of 2018, a new malicious Android application was introduced every 7 seconds into the wild [4]. The continuous growth rate of Android malware, both in overall volume and in number of existing variants, is so rapid that it has become very difficult to deploy signature-based detection systems to combat the new trend [5,6]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Interactive Mobile Technologies (iJIM)
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
