Android malware detection via efficient application programming interface call sequences extraction and machine learning classifiers
Abstract: Malware detection is an important task for the ecosystem of mobile applications (APPs), especially for the Android ecosystem, and is vital to guarantee the user experience of Android APPs. There have been some existing methods trying to solve the problem of malware detection, but the methods...
| Main Authors: | Tanjie Wang, Yueshen Xu, Xinkui Zhao, Zhiping Jiang, Rui Li |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Wiley, 2023-08-01 |
| Series: | IET Software |
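| Subjects: | Android (operating system); computational complexity; pattern classification; software quality; software reliability |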
| Online Access: | https://doi.org/10.1049/sfw2.12083 |
| _version_ | 1849691368589361152 |
|---|---|
| author | Tanjie Wang; Yueshen Xu; Xinkui Zhao; Zhiping Jiang; Rui Li |
| author_facet | Tanjie Wang; Yueshen Xu; Xinkui Zhao; Zhiping Jiang; Rui Li |
| author_sort | Tanjie Wang |
| collection | DOAJ |
| description | Abstract: Malware detection is an important task for the ecosystem of mobile applications (APPs), especially for the Android ecosystem, and is vital to guarantee the user experience of Android APPs. There have been some existing methods trying to solve the problem of malware detection, but the methods suffer from several defects, such as high time complexity and mediocre accuracy, which seriously decrease the practicability of existing methods. To solve these problems, in this study, we propose a novel Android malware detection framework, where we contribute an efficient Application Programming Interface (API) call sequences extraction algorithm and an investigation of different types of classifiers. In API call sequences extraction, we propose an algorithm for transforming the function call graph from a multigraph into a directed simple graph, which successfully avoids the unnecessary repetitive path searching. We also propose a pruning search, which further reduces the number of paths to be searched. Our algorithm greatly reduces the time complexity. We generate the transition matrix as classification features and investigate three types of machine learning classifiers to complete the malware detection task. The experiments are performed on real‐world Android Packages (APKs), and the results demonstrate that our method significantly reduces the running time and produces high detection accuracy. |
| format | Article |
| id | doaj-art-e86a6ddfa40d4e7baebd2fb44fce2ac8 |
| institution | DOAJ |
| issn | 1751-8806; 1751-8814 |
| language | English |
| publishDate | 2023-08-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Software |
| spelling | doaj-art-e86a6ddfa40d4e7baebd2fb44fce2ac8; 2025-08-20T03:21:03Z; eng; Wiley; IET Software; 1751-8806, 1751-8814; 2023-08-01; vol. 17, no. 4, pp. 348-361; 10.1049/sfw2.12083; Android malware detection via efficient application programming interface call sequences extraction and machine learning classifiers; Tanjie Wang (School of Computer Science and Technology, Xidian University, Xi'an, China); Yueshen Xu (School of Computer Science and Technology, Xidian University, Xi'an, China); Xinkui Zhao (School of Software Technology, Zhejiang University, Ningbo, China); Zhiping Jiang (School of Computer Science and Technology, Xidian University, Xi'an, China); Rui Li (School of Computer Science and Technology, Xidian University, Xi'an, China); https://doi.org/10.1049/sfw2.12083; Android (operating system), computational complexity, pattern classification, software quality, software reliability |
| title | Android malware detection via efficient application programming interface call sequences extraction and machine learning classifiers |
| topic | Android (operating system); computational complexity; pattern classification; software quality; software reliability |
| url | https://doi.org/10.1049/sfw2.12083 |