Redroiddet: Android malware detection based on recurrent neural network

Mothanna Almahmoud; Dalia Alzu'bi; Qussai Yaseen

doi:10.1016/j.procs.2021.03.105

Redroiddet: Android malware detection based on recurrent neural network

Mothanna Almahmoud
, Dalia Alzu'bi
, Qussai Yaseen

Jordan University of Science and Technology

Research output: Contribution to journal › Conference article › peer-review

44 Scopus citations

Abstract

Android still has the first rank in terms of market share in comparing to other operating systems. Due to its flexible publishing policy, companies are developing many applications in order to serve user needs. The official market of Android Google Play store is characterized by its support for the unofficial stores, and it does not impose many restrictions on developers during the publishing process. These features were a major reason for making it become the most vulnerable platform to cyber criminals, as users are suffering from the problems of exposure to malicious applications that breach their privacy or damage their devices. In this research, a novel model is devised based on a combination of four static features, namely; permissions, API calls, monitoring system events, and permission rate. Specifically, the dataset consists of 2,820 samples of both malware and benign applications. This paper proposes a new architecture of Recurrent Neural Network (RNN) that can perform the detection process better than traditional machine learning algorithms. The experimental results shown that the proposed model has scored 98.58 level of accuracy, and it has promising results in Android malware detection.

Original language	English
Pages (from-to)	841-846
Number of pages	6
Journal	Procedia Computer Science
Volume	184
DOIs	https://doi.org/10.1016/j.procs.2021.03.105
State	Published - 2021
Externally published	Yes
Event	12th International Conference on Ambient Systems, Networks and Technologies, ANT 2021 / 4th International Conference on Emerging Data and Industry 4.0, EDI40 2021 / Affiliated Workshops - Warsaw, Poland Duration: 23 Mar 2021 → 26 Mar 2021

Keywords

Android
Deep learning
Malware detection
Recurrent neural network
Static analysis

Access to Document

10.1016/j.procs.2021.03.105

Cite this

@article{468638f40ba1437eb02d83be04da07a0,

title = "Redroiddet: Android malware detection based on recurrent neural network",

abstract = "Android still has the first rank in terms of market share in comparing to other operating systems. Due to its flexible publishing policy, companies are developing many applications in order to serve user needs. The official market of Android Google Play store is characterized by its support for the unofficial stores, and it does not impose many restrictions on developers during the publishing process. These features were a major reason for making it become the most vulnerable platform to cyber criminals, as users are suffering from the problems of exposure to malicious applications that breach their privacy or damage their devices. In this research, a novel model is devised based on a combination of four static features, namely; permissions, API calls, monitoring system events, and permission rate. Specifically, the dataset consists of 2,820 samples of both malware and benign applications. This paper proposes a new architecture of Recurrent Neural Network (RNN) that can perform the detection process better than traditional machine learning algorithms. The experimental results shown that the proposed model has scored 98.58 level of accuracy, and it has promising results in Android malware detection.",

keywords = "Android, Deep learning, Malware detection, Recurrent neural network, Static analysis",

author = "Mothanna Almahmoud and Dalia Alzu'bi and Qussai Yaseen",

note = "Publisher Copyright: {\textcopyright} 2021 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/); 12th International Conference on Ambient Systems, Networks and Technologies, ANT 2021 / 4th International Conference on Emerging Data and Industry 4.0, EDI40 2021 / Affiliated Workshops ; Conference date: 23-03-2021 Through 26-03-2021",

year = "2021",

doi = "10.1016/j.procs.2021.03.105",

language = "English",

volume = "184",

pages = "841--846",

journal = "Procedia Computer Science",

issn = "1877-0509",

publisher = "Elsevier B.V.",

}

TY - JOUR

T1 - Redroiddet

T2 - 12th International Conference on Ambient Systems, Networks and Technologies, ANT 2021 / 4th International Conference on Emerging Data and Industry 4.0, EDI40 2021 / Affiliated Workshops

AU - Almahmoud, Mothanna

AU - Alzu'bi, Dalia

AU - Yaseen, Qussai

PY - 2021

Y1 - 2021

N2 - Android still has the first rank in terms of market share in comparing to other operating systems. Due to its flexible publishing policy, companies are developing many applications in order to serve user needs. The official market of Android Google Play store is characterized by its support for the unofficial stores, and it does not impose many restrictions on developers during the publishing process. These features were a major reason for making it become the most vulnerable platform to cyber criminals, as users are suffering from the problems of exposure to malicious applications that breach their privacy or damage their devices. In this research, a novel model is devised based on a combination of four static features, namely; permissions, API calls, monitoring system events, and permission rate. Specifically, the dataset consists of 2,820 samples of both malware and benign applications. This paper proposes a new architecture of Recurrent Neural Network (RNN) that can perform the detection process better than traditional machine learning algorithms. The experimental results shown that the proposed model has scored 98.58 level of accuracy, and it has promising results in Android malware detection.

AB - Android still has the first rank in terms of market share in comparing to other operating systems. Due to its flexible publishing policy, companies are developing many applications in order to serve user needs. The official market of Android Google Play store is characterized by its support for the unofficial stores, and it does not impose many restrictions on developers during the publishing process. These features were a major reason for making it become the most vulnerable platform to cyber criminals, as users are suffering from the problems of exposure to malicious applications that breach their privacy or damage their devices. In this research, a novel model is devised based on a combination of four static features, namely; permissions, API calls, monitoring system events, and permission rate. Specifically, the dataset consists of 2,820 samples of both malware and benign applications. This paper proposes a new architecture of Recurrent Neural Network (RNN) that can perform the detection process better than traditional machine learning algorithms. The experimental results shown that the proposed model has scored 98.58 level of accuracy, and it has promising results in Android malware detection.

KW - Android

KW - Deep learning

KW - Malware detection

KW - Recurrent neural network

KW - Static analysis

UR - https://www.scopus.com/pages/publications/85106719377

U2 - 10.1016/j.procs.2021.03.105

DO - 10.1016/j.procs.2021.03.105

M3 - Conference article

AN - SCOPUS:85106719377

SN - 1877-0509

VL - 184

SP - 841

EP - 846

JO - Procedia Computer Science

JF - Procedia Computer Science

Y2 - 23 March 2021 through 26 March 2021

ER -

Redroiddet: Android malware detection based on recurrent neural network

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this