Research on Android Malware Detection Based on Random Forest

doi:10.3969/j.issn.1671-1122.2019.09.001

Abstract

Abstract:

Based on the strong classifier random forest, an Android malware detection method is proposed. With the permission of Android as the feature, the effective permission is defined; the support and association rules in the data mining algorithm are employed to analyze the permission and realize the effective permission identification. Finally, a random forest classifier is constructed, and the effective permission matrix is used as the input of the classifier for training and testing. The experimental results show that the accuracy of the proposed method is 92.84%, and the F-value is 93.05%, which is obviously superior to other detection models.

Key words: Android malware detection, effective permission, association rules, random forest

CLC Number:

TP309

Xin SONG, Kai ZHAO, Linlin ZHANG, Wenbo FANG. Research on Android Malware Detection Based on Random Forest[J]. Netinfo Security, 2019, 19(9): 1-5.

Figures/Tables 7

References 14

[1]	Symantec. Android OS. Fakeplayer[EB/OL]. , 2016-8-1.
[2]	CASTILLO C A. Android Malware Past, Present, Future[EB/OL]. , 2016-8-1.
[3]	ZHANG Yuan, YANG Min, XU Bingquan, et al.Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis[C]//ACM. 20th SIGSAC Conference on Computer & Communications Security, November, 4-8, 2013, Berlin, Germany. New York: ACM, 2010: 611-622.
[4]	WILLIAM E, PETER G, CHUN B G, et al.TaintDroid: An Information-flow Tracking System for Realtime Privacy Monitoring on Smartphones[J]. ACM Transactions on Computer Systems, 2014, 32(2): 99-106.
[5]	CAI Haipeng, MENG Na, RYDER B, et al.DroidCat: Effective Android Malware Detection and Categorization via App-Level Profiling[J]. IEEE Transactions on Information Forensics and Security, 2019, 14(6): 1455-1470.
[6]	FENG Yu, ANAND S, DILLIG I, et al.Apposcopy: Semantics-based Detection of Android Malware through Static Analysis[C]//ACM. 22nd SIGSOFT International Symposium on Foundations of Software Engineering, November 16-22, 2014, Hong Kong, China. New York: ACM, 2014: 576-587.
[7]	YANG Zhemin, YANG Min.Leakminer: Detect Information Leakage on Android with Static Taint Analysis[C]//IEEE. 3rd World Congress on Software Engineering, November 6-8, 2012, Wuhan, China. New Jersey: IEEE, 2012: 101-104.
[8]	YANG Wei, XIAO Xueshegn, ANDOW B, et al.AppContext: Differentiating Malicious and Benign Mobile APP Behaviors Using Context[C]//IEEE. 37th International Conference on Software Engineering, May 16-24, 2015, Florence, Italy. New Jersey: IEEE, 2015: 303-313.
[9]	SHARMA A, DOEGAR A.Permission-set Based Detection and Analysis of Android Malware[J]. Springer Cyber Security, 2018, 729(1): 231-239.
[10]	DURMUS O S, OGUZ E K, SEDAT A, et al.New Results on Permission Based Static Analysis for Android Malware[C]//IEEE. 6th International Symposium on Digital Forensic and Security, March 22-15, 2018, Antalya, Turkey. New Jersey: IEEE, 2018: 1-4.
[11]	LI Xiang, LIU Jianyi, HUO Yanyu, et al.An Android Malware Detection Method Based on AndroidManifest File[C]//IEEE. 4th IEEE International Conference on Cloud Computing and Intelligence Systems, August 17-19, 2016, Beijing, China. New Jersey: IEEE, 2016: 239-243.
[12]	QING Sihan.Research Progress on Android Security[J]. Journal of Software, 2016, 27(1): 45-71.
	卿斯汉. Android安全研究进展[J]. 软件学报,2016,27(1):45-71.
[13]	LIN Jiaping, LI Hui.Review of Android Malware Detection[J]. Netinfo Security, 2016, 16(10): 80-88.
	林佳萍,李晖. 安卓恶意软件检测研究综述[J]. 信息网络安全,2016,16(10):80-88.
[14]	LOPEZ C C U, CADAVID A N. Framework for Malware Analysis in Android[J]. Sistemas & Telemática, 2016, 14(37): 45-56.