Identifying Zero Day Android Daily through Neural Networks

Document Type: Original Article

Authors

1 Assistant Professor, Amin University of Management Sciences, Tehran, Iran

2 PhD student, Allameh Tabatabai University, Tehran, Iran

3 Assistant Professor of Imam Hossein University, Tehran, Iran

Abstract

As Internet penetration grows and the technology is used in every aspect of life, the use of mobile phones has increased as well. Alongside its many benefits, this has expanded and accelerated the release of malicious programs, known as malware. This study attempts to use a multilayer neural network and machine learning to detect zero-day malware on smartphones. For this purpose, a standard labeled dataset with more than 15,000 samples of malware and goodware is used. In the preprocessing phase, the data is first normalized and aligned; feature selection by principal component analysis then keeps, out of 1183 features, the 215 features with higher variance. The proposed model, from the multilayer neural network class with an optimization algorithm based on training and learning, is then applied to the data, and its classification results are compared with those of vector algorithms, the genetic algorithm, nearest neighbor, and others. The comparison shows that neural network training improves both reported accuracy measures. The multilayer neural network based on training and learning achieves 99% on one accuracy measure and 98% on the other.

Keywords


