Family Classification of Malicious Applications using Hybrid Analysis and Computationally Economical Machine Learning Techniques

Abstract

Most users utilize android smartphones for almost all activities. However, malicious attacks on these devices rose exponentially. Samples can be classified accurately, but earlier detection is challenging. So, we need a model that detects malicious applications before exploiting the data. This paper adopts computationally economical machine learning techniques to detect and determine the samples’ families. Applications are analyzed to create static and dynamic datasets. Five data sampling techniques are used to fix the class imbalance. After data sampling, we apply four feature selection techniques to identify the most informative features. Then, four machine learning techniques are applied to detect malware and its family. In the case of static analysis, the highest mathews correlation coefficient (MCC) is 89% for malware classification, 86% for malware category classification, and 81% for malware family classification. In the case of dynamic analysis, the highest MCC is 81% for malware category classification and 62% for malware family classification. For hybrid analysis, we achieve 88% MCC for malware category classification and 82% for malware family determination. Our proposed model outperforms other state-of- the-art performance parameters named the area under curve, accuracy, F1-measure, and MCC