Back to Search
Start Over
Android malicious application detection using support vector machine and active learning
- Source :
- CNSM
- Publication Year :
- 2017
- Publisher :
- IEEE, 2017.
-
Abstract
- The increasing popularity of Android phones and its open app market system have caused the proliferation of malicious Android apps. The increasing sophistication and diversity of the malicious Android apps render the conventional malware detection techniques ineffective, which results in a large number of malicious applications remaining undetected. This calls for more effective techniques for detection and classification of Android malware. Hence, in this paper, we present an Android malicious application detection framework based on the Support Vector Machine (SVM) and Active Learning technologies. In our approach, we extract applications' activities while in execution and map them into a feature set, we then attach timestamps to some features in the set. We show that our novel use of time-dependent behavior tracking can significantly improve the malware detection accuracy. In particular, we build an active learning model using Expected error reduction query strategy to integrate new informative instances of Android malware and retrain the model to be able to do adaptive online learning. We evaluate our model through a set of experiments on the DREBIN benchmark malware dataset. Our evaluation results show that the proposed approach can accurately detect malicious applications and improve updatability against new malware.
- Subjects :
- business.industry
Computer science
Online learning
Feature extraction
020207 software engineering
02 engineering and technology
computer.software_genre
Machine learning
Data modeling
Support vector machine
020204 information systems
0202 electrical engineering, electronic engineering, information engineering
Malware
Timestamp
Artificial intelligence
Android (operating system)
Error reduction
business
computer
Subjects
Details
- Database :
- OpenAIRE
- Journal :
- 2017 13th International Conference on Network and Service Management (CNSM)
- Accession number :
- edsair.doi...........3859878e145bc6cfec9901896bdc2808