Performance Analysis of Unsupervised Machine Learning Methods for Mobile Malware Detection

Abstract

The mobile malware attacks are one of the major cyber-attacks. These attacks aim to steal the users' personal credentials through banking malware, Short Message Service (SMS) malware, viruses, worms, trojan horse, ransomware, riskware, adware, spyware and many more. Machine learning techniques predominantly support automation to detect the different malwares that take place in the mobile devices. Specifically, unsupervised machine learning techniques are the most appropriate methods to expose the hidden anomalies in the data. In this paper, six unsupervised machine learning models namely, K-means, K - Nearest Neighbor (K-NN), Density-based Spatial Clustering of Applications with Noise (DBSCAN), Ordering Points to Identify Clustering Structure (OPTICS), Hierarchical and Spectral clustering are experimented for mobile malware detection. The performance of these models is evaluated using various internal and external validation metrics to suggest the suitable unsupervised model to detect mobile malwares accurately. A systematic framework is used to detect the hidden mobile malware data points in CICMalDroid 2020 dataset. Based on the comparative analysis of different unsupervised machine learning models, K-means clustering model provides the highest accuracy of 88% for mobile malware detection.