|Table of Contents|

Mobile malware detection approach using ensemble classification


Research Field:
Publishing date:


Mobile malware detection approach using ensemble classification
Huang WeiChen HaoGuo YajuanJiang Haitao
Research Institute of Jiangsu Electric Power Company,Nanjing 210036,China
Android classification ensemble learning malware detection static analysis support vector machine feature selection
To accurately know the contributions of a single feature and a single data mining algorithm to high detection accuracy for malware detection,this paper puts forward a mobile malware detection approach using ensemble techniques for the Android platform.The proposed approach extracts three kinds of features from a given mobile application,including privilege feature,component feature and API call feature.Several classification models are built for each kind of feature using several base classifiers respectively.A consensus function for each feature is designed to make decision to obtain an optimal classification output.In the next step,another consensus function is designed and applied to the outputs from all kinds of features in order to obtain the final classification output.This paper carries out the empirical experiment evaluation on mobile applications from the real world application markets,and the compared results show that our approach can get a better detection accuracy in terms of F1 score than a single data mining algorithm.


[1] Anastasia S,Dennis G.Review of the mobile malware detection approaches[C]//Proceedings of the 23rd International Conference on Parallel,Distributed and Network-Based Processing.Washington,USA:IEEE Computer Society,2015:600-603.
[2]Islam R,Tian R,Batten L M,et al.Review:classification of malware based on integrated static and dynamic features[J].Journal of Network and Computer Applications,2013,36(2):646-656.
[3]Mas’Ud M Z,Sahib S,Abdollah M F,et al.Analysis of features selection and machine learning classifier in Android malware detection[C]//Proceedings of IEEE International Conference on Information Science and Applications.Washington,USA:IEEE Computer Society,2014:1-5.
[4]Zhou Yajin,Wang Zhi,Zhou Wu,et al.Hey,you,get off of my market:detecting malicious Apps in official and alternative Android markets[C]//Proceedings of the 19th Annual Network & Distributed System Security Symposium.Washington,USA:Internet Society,2012:123-129.
[5]Zhang Yuan,Yang Min,Yang Zhemin,et al.Permission use analysis for vetting undesirable behaviors in Android Apps[J].IEEE Transactions on Information Forensics and Security,2014,9(11):1828-1842.
[6]Pandita R,Xiao X,Yang W,et al.WHYPER:towards automating risk assessment of mobile applications[C]//Proceedings of the 22nd USENIX Security Symposium.Berkeley,USA:USENIX,2013:89-97.
[7]Salehi Z,Ghiasi M,Sami A.A miner for malware detection based on API function calls and their arguments[C]//Proceedings of the 16th CSI International Symposium on Artificial Intelligence and Signal Processing.Washington,USA:IEEE Computer Society,2012:563-568.

Lu Wenqing,He Jiaming,Zeng Xingbin,et al.Android malware static detection based on hybrid features[J].Radio Communications Technology,2014,40(6):64-68.
Yang Huan,Zhang Yuqing,Hu Yupu,et al.A malware behavior detection system of Android applications based on multi-class features[J].Chinese Journal of Computers,2014,37(1):15-27.
Qi Yong,Hu Jun,Yu Dongjun.Incremental learning algorithm based on self-organizing map and probabilistic neural network[J].Journal of Nanjing University of Science and Technology,2013,37(1):1-6.
[11]Yerima S Y,Sezer S,Muttik I.High accuracy Android malware detection using ensemble learning[J].IET Information Security,2015,9(6):313-320.
Hu Yangbo,Wang Chengxian,Yuan Jie.Design and realization of a mobile application system for electric distribution network rush repair[J].Jiangsu Electrical Engineering,2014,33(3):49-52.


Last Update: 2016-02-29