MOCDroid: multi-objective evolutionary classifier for Android malware detection

Article


Martín, A., Menéndez, H. and Camacho, D. 2017. MOCDroid: multi-objective evolutionary classifier for Android malware detection. Soft Computing. 21 (24), pp. 7405-7415. https://doi.org/10.1007/s00500-016-2283-y
TypeArticle
TitleMOCDroid: multi-objective evolutionary classifier for Android malware detection
AuthorsMartín, A., Menéndez, H. and Camacho, D.
Abstract

Malware threats are growing, while at the same time, concealment strategies are being used to make them undetectable for current commercial Anti-Virus. Android is one of the target architectures where these problems are specially alarming, due to the wide extension of the platform in different everyday devices.The detection is specially relevant for Android markets in order to ensure that all the software they offer is clean, however, obfuscation has proven to be effective at evading the detection process. In this paper we leverage third-party calls to bypass the effects of these concealment strategies, since they cannot be obfuscated. We combine clustering and multi-objective optimisation to generate a classifier based on specific behaviours defined by 3rd party calls groups. The optimiser ensures that these groups are related to malicious or benign behaviours cleaning any non-discriminative pattern. This tool, named MOCDroid, achieves an ac-curacy of 94.6% in test with 2.12% of false positives with real apps extracted from the wild, overcoming all commercial Anti-Virus engines from VirusTotal.

KeywordsAndroid, malware, clustering, classification
Research GroupCorporate Social Responsibility and Business Ethics group
International Business group
LanguageEnglish
PublisherSpringer
JournalSoft Computing
ISSN1432-7643
Electronic1433-7479
Publication dates
Online25 Jul 2017
Print31 Dec 2017
Publication process dates
Deposited02 Feb 2020
Accepted01 Apr 2017
Output statusPublished
Accepted author manuscript
Copyright Statement

This is a post-peer-review, pre-copyedit version of an article published in Soft Computing. The final authenticated version is available online at: http://dx.doi.org/10.1007/s00500-016-2283-y

Digital Object Identifier (DOI)https://doi.org/10.1007/s00500-016-2283-y
Permalink -

https://repository.mdx.ac.uk/item/88vx4

Download files

  • 13
    total views
  • 2
    total downloads
  • 2
    views this month
  • 2
    downloads this month

Export as