MOCDroid: multi-objective evolutionary classifier for Android malware detection
Article
Martín, A., Menéndez, H. and Camacho, D. 2017. MOCDroid: multi-objective evolutionary classifier for Android malware detection. Soft Computing. 21 (24), pp. 7405-7415. https://doi.org/10.1007/s00500-016-2283-y
Type | Article |
---|---|
Title | MOCDroid: multi-objective evolutionary classifier for Android malware detection |
Authors | Martín, A., Menéndez, H. and Camacho, D. |
Abstract | Malware threats are growing, while at the same time, concealment strategies are being used to make them undetectable for current commercial Anti-Virus. Android is one of the target architectures where these problems are specially alarming, due to the wide extension of the platform in different everyday devices.The detection is specially relevant for Android markets in order to ensure that all the software they offer is clean, however, obfuscation has proven to be effective at evading the detection process. In this paper we leverage third-party calls to bypass the effects of these concealment strategies, since they cannot be obfuscated. We combine clustering and multi-objective optimisation to generate a classifier based on specific behaviours defined by 3rd party calls groups. The optimiser ensures that these groups are related to malicious or benign behaviours cleaning any non-discriminative pattern. This tool, named MOCDroid, achieves an ac-curacy of 94.6% in test with 2.12% of false positives with real apps extracted from the wild, overcoming all commercial Anti-Virus engines from VirusTotal. |
Keywords | Android, malware, clustering, classification |
Research Group | Corporate Social Responsibility and Business Ethics group |
International Business group | |
Publisher | Springer |
Journal | Soft Computing |
ISSN | 1432-7643 |
Electronic | 1433-7479 |
Publication dates | |
Online | 25 Jul 2017 |
31 Dec 2017 | |
Publication process dates | |
Deposited | 02 Feb 2020 |
Accepted | 01 Apr 2017 |
Output status | Published |
Accepted author manuscript | |
Copyright Statement | This is a post-peer-review, pre-copyedit version of an article published in Soft Computing. The final authenticated version is available online at: http://dx.doi.org/10.1007/s00500-016-2283-y |
Digital Object Identifier (DOI) | https://doi.org/10.1007/s00500-016-2283-y |
Language | English |
https://repository.mdx.ac.uk/item/88vx4
Download files
44
total views14
total downloads6
views this month3
downloads this month