Next Article in Journal
Perfectly Secure Shannon Cipher Construction Based on the Matrix Power Function
Previous Article in Journal
Application of Six Sigma Model on Efficient Use of Vehicle Fleet
Open AccessArticle

A Lightweight Android Malware Classifier Using Novel Feature Selection Methods

by Ahmad Salah 1,2,*,†, Eman Shalabi 2,† and Walid Khedr 2,†
1
College of Computer Science and Electrical Engineering, Hunan University, Changsha 410082, China
2
Faculty of Computers and Informatics, Zagazig University, Zagazig 44519, Egypt
*
Author to whom correspondence should be addressed.
These authors contributed equally to this work.
Symmetry 2020, 12(5), 858; https://doi.org/10.3390/sym12050858
Received: 28 April 2020 / Revised: 15 May 2020 / Accepted: 22 May 2020 / Published: 23 May 2020
Smartphones and mobile tablets play significant roles in daily life and have led to an increase in the number of users of this technology. The rising number of mobile device end-users has resulted in the generation of malware by hackers. Thus, mobile devices are becoming vulnerable to malware. Machine learning plays an important role in the detection of mobile malware applications. In this study, we focus on static analysis for Android malware detection. The ultimate goal of this research is to find out the symmetric features across the malware Android application to easily detect them. Many state-of-the-art methods focus on extracting asymmetric patterns of the category of features, e.g., application permissions to distinguish the malware application from the benign application. In this work, we propose a compromise by considering different types of static features and select the most important features that affect the detection process. These features represent the symmetric pattern to be used for the classification task. Inspired by TF-IDF, we propose a novel method of feature selection. Moreover, we propose a new method for merging the Android application URLs into a single feature called the URL_score. Several linear machine learning classifiers are utilized to evaluate the proposed method. The proposed methods significantly reduce the feature space, i.e., the symmetric pattern, of the Android application dataset and the memory size of the final model. In addition, the proposed model achieves the highest reported accuracy for the Drebin dataset to date. Based on the evaluation results, the linear support vector machine achieves an accuracy of 99%. View Full-Text
Keywords: malware detection; Android malware; classifier; SVM; feature selection; TF-IDF malware detection; Android malware; classifier; SVM; feature selection; TF-IDF
Show Figures

Figure 1

MDPI and ACS Style

Salah, A.; Shalabi, E.; Khedr, W. A Lightweight Android Malware Classifier Using Novel Feature Selection Methods. Symmetry 2020, 12, 858.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop