Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms

Jack Pye; Biju Issac; Nauman Aslam; Husnain Rafiq

doi:10.1109/TrustCom50675.2020.00244

Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms

Jack Pye, Biju Issac, Nauman Aslam, Husnain Rafiq

Computer and Information Sciences Department

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

7 Citations (Scopus)

255 Downloads (Pure)

Abstract

In recent years the number and sophistication of Android malware have increased dramatically. A prototype framework which uses static analysis methods for classification is proposed which employs two feature sets to classify Android malware, permissions declared in the AndroidManifest.xml and Android classes used from the Classes.dex file. The extracted features were then used to train a variety of machine learning algorithms including Random Forest, SGD, SVM and Neural networks. Each machine learning algorithm was subsequently optimised using optimisation algorithms, including the use of bio-inspired optimisation algorithms such as Particle Swarm Optimisation, Artificial Bee Colony optimisation (ABC), Firefly optimisation and Genetic algorithm. The prototype framework was tested and evaluated using three datasets. It achieved a good accuracy of 95.7 percent by using SVM and ABC optimisation for the CICAndMal2019 dataset, 94.9 percent accuracy (with f1- score of 96.7 percent) using Neural network for the KuafuDet dataset and 99.6 percent accuracy using an SGD classifier for the Andro-Dump dataset. The accuracy could be further improved through better feature selection.

Original language	English
Title of host publication	2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications
Subtitle of host publication	TrustCom 2020
Editors	Guojun Wang, Ryan Ko, Md Zakirul Alam Bhuiyan, Yi Pan
Place of Publication	Piscataway
Publisher	IEEE
Pages	1777-1882
Number of pages	6
ISBN (Print)	9781665403924
DOIs	https://doi.org/10.1109/TrustCom50675.2020.00244
Publication status	Published - Dec 2020
Event	19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2020): 4th International Workshop on Cyberspace Security (IWCSS 2020) - Guangzhou University, Guangzhou, China Duration: 29 Dec 2020 → 1 Jan 2021 http://ieee-trustcom.org/TrustCom2020/

Conference

Conference	19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2020)
Country/Territory	China
City	Guangzhou
Period	29/12/20 → 1/01/21
Internet address	http://ieee-trustcom.org/TrustCom2020/

Keywords

android malware detection
machine learning
optimisation
bio-inspired optimisation

Access to Document

10.1109/TrustCom50675.2020.00244

Accepted Manuscript_Pye et alAccepted author manuscript, 757 KB

Cite this

Pye, J., Issac, B., Aslam, N., & Rafiq, H. (2020). Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms. In G. Wang, R. Ko, M. Z. A. Bhuiyan, & Y. Pan (Eds.), 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications: TrustCom 2020 (pp. 1777-1882). IEEE. https://doi.org/10.1109/TrustCom50675.2020.00244

Pye, Jack ; Issac, Biju ; Aslam, Nauman et al. / Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications: TrustCom 2020. editor / Guojun Wang ; Ryan Ko ; Md Zakirul Alam Bhuiyan ; Yi Pan. Piscataway : IEEE, 2020. pp. 1777-1882

@inproceedings{13c7a11555bf49a592e1405adb31bd9c,

title = "Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms",

abstract = "In recent years the number and sophistication of Android malware have increased dramatically. A prototype framework which uses static analysis methods for classification is proposed which employs two feature sets to classify Android malware, permissions declared in the AndroidManifest.xml and Android classes used from the Classes.dex file. The extracted features were then used to train a variety of machine learning algorithms including Random Forest, SGD, SVM and Neural networks. Each machine learning algorithm was subsequently optimised using optimisation algorithms, including the use of bio-inspired optimisation algorithms such as Particle Swarm Optimisation, Artificial Bee Colony optimisation (ABC), Firefly optimisation and Genetic algorithm. The prototype framework was tested and evaluated using three datasets. It achieved a good accuracy of 95.7 percent by using SVM and ABC optimisation for the CICAndMal2019 dataset, 94.9 percent accuracy (with f1- score of 96.7 percent) using Neural network for the KuafuDet dataset and 99.6 percent accuracy using an SGD classifier for the Andro-Dump dataset. The accuracy could be further improved through better feature selection.",

keywords = "android malware detection, machine learning, optimisation, bio-inspired optimisation",

author = "Jack Pye and Biju Issac and Nauman Aslam and Husnain Rafiq",

year = "2020",

month = dec,

doi = "10.1109/TrustCom50675.2020.00244",

language = "English",

isbn = "9781665403924",

pages = "1777--1882",

editor = "Guojun Wang and Ryan Ko and Bhuiyan, {Md Zakirul Alam} and Yi Pan",

booktitle = "2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications",

publisher = "IEEE",

address = "United States",

note = "19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2020) : 4th International Workshop on Cyberspace Security (IWCSS 2020) ; Conference date: 29-12-2020 Through 01-01-2021",

url = "http://ieee-trustcom.org/TrustCom2020/",

}

Pye, J, Issac, B , Aslam, N & Rafiq, H 2020, Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms. in G Wang, R Ko, MZA Bhuiyan & Y Pan (eds), 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications: TrustCom 2020. IEEE, Piscataway, pp. 1777-1882, 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2020), Guangzhou, China, 29/12/20. https://doi.org/10.1109/TrustCom50675.2020.00244

Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms. / Pye, Jack; Issac, Biju ; Aslam, Nauman et al.
2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications: TrustCom 2020. ed. / Guojun Wang; Ryan Ko; Md Zakirul Alam Bhuiyan; Yi Pan. Piscataway: IEEE, 2020. p. 1777-1882.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms

AU - Pye, Jack

AU - Issac, Biju

AU - Aslam, Nauman

AU - Rafiq, Husnain

PY - 2020/12

Y1 - 2020/12

N2 - In recent years the number and sophistication of Android malware have increased dramatically. A prototype framework which uses static analysis methods for classification is proposed which employs two feature sets to classify Android malware, permissions declared in the AndroidManifest.xml and Android classes used from the Classes.dex file. The extracted features were then used to train a variety of machine learning algorithms including Random Forest, SGD, SVM and Neural networks. Each machine learning algorithm was subsequently optimised using optimisation algorithms, including the use of bio-inspired optimisation algorithms such as Particle Swarm Optimisation, Artificial Bee Colony optimisation (ABC), Firefly optimisation and Genetic algorithm. The prototype framework was tested and evaluated using three datasets. It achieved a good accuracy of 95.7 percent by using SVM and ABC optimisation for the CICAndMal2019 dataset, 94.9 percent accuracy (with f1- score of 96.7 percent) using Neural network for the KuafuDet dataset and 99.6 percent accuracy using an SGD classifier for the Andro-Dump dataset. The accuracy could be further improved through better feature selection.

AB - In recent years the number and sophistication of Android malware have increased dramatically. A prototype framework which uses static analysis methods for classification is proposed which employs two feature sets to classify Android malware, permissions declared in the AndroidManifest.xml and Android classes used from the Classes.dex file. The extracted features were then used to train a variety of machine learning algorithms including Random Forest, SGD, SVM and Neural networks. Each machine learning algorithm was subsequently optimised using optimisation algorithms, including the use of bio-inspired optimisation algorithms such as Particle Swarm Optimisation, Artificial Bee Colony optimisation (ABC), Firefly optimisation and Genetic algorithm. The prototype framework was tested and evaluated using three datasets. It achieved a good accuracy of 95.7 percent by using SVM and ABC optimisation for the CICAndMal2019 dataset, 94.9 percent accuracy (with f1- score of 96.7 percent) using Neural network for the KuafuDet dataset and 99.6 percent accuracy using an SGD classifier for the Andro-Dump dataset. The accuracy could be further improved through better feature selection.

KW - android malware detection

KW - machine learning

KW - optimisation

KW - bio-inspired optimisation

U2 - 10.1109/TrustCom50675.2020.00244

DO - 10.1109/TrustCom50675.2020.00244

M3 - Conference contribution

SN - 9781665403924

SP - 1777

EP - 1882

BT - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications

A2 - Wang, Guojun

A2 - Ko, Ryan

A2 - Bhuiyan, Md Zakirul Alam

A2 - Pan, Yi

PB - IEEE

CY - Piscataway

T2 - 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2020)

Y2 - 29 December 2020 through 1 January 2021

ER -

Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this