AUTOMATED ANDROID MALWARE DETECTION

Abstract

Smartphone usage has increased rapidly in recent years due to their affordability and the digitalization of many services. With the growing use of smartphones, new security challenges have emerged, especially threats caused by different types of malware. In recent years, many fraudulent mobile applications have appeared, particularly on the Android platform, making it difficult to identify harmful apps. Malware developers continuously create new malicious software as Android devices become more popular, posing risks to system security and user privacy. The objective of this study is to apply machine learning techniques to detect Android malware. A malware detection framework for Android is proposed in which six machine learning models are used to classify different types of malware, including Decision Trees, Support Vector Machines, Naive Bayes, Random Forests, K-Nearest Neighbors, and Ensemble Methods / Extra-Tree Classifier. The performance of the proposed framework is evaluated using the CICMalAnal2017 Android malware dataset, which contains different malware categories such as adware, ransomware, and scareware. Four feature selection techniques are applied, including Feature Correlation, Random Forest Importance, Chi-Square Test, and Information Gain. Various machine learning algorithms are tested to classify malware effectively. Additionally, machine learning methods for analyzing source code vulnerabilities are discussed, as adding security after an application is released can be difficult. Therefore, this study aims to help researchers better understand Android malware detection and identify possible future research directions.