Android Malware Detection based on Factorization Machine
share
With the increasing popularity of Android smart phones in recent years, the number of Android malware is growing rapidly. Due to its great threat and damage to mobile phone users, Android malware detection has become increasingly important in cyber security. Traditional methods like signature-based ones cannot protect users from the ever increasing sophistication and rapid behavior changes of new types of Android malware. Therefore, lots of recent efforts have been made to use machine learning to characterize and discover the malicious behavior patterns of mobile apps for malware detection. In this paper, we propose a novel and highly reliable machine learning algorithm for Android Malware detection based on the use of Factorization Machine and the extensive study of Android app features. We first extract 77 types of features that are highly relevant to malware detection from the manifest file and source code of each mobile app, including Application Programming Interface (API) calls, permissions, etc. We have observed that the numerical feature representation of an app usually forms a long and highly sparse vector, and that the interactions among different features are critical to revealing some malicious behavior patterns. Based on these observations, we propose to use factorization machine, which fit the problem the best, as a supervised classifier for malware detection. According to extensive performance evaluation, our proposed method achieved a test result of 99.01 on the DREBIN dataset and 99.2 rate on the AMD dataset, significantly outperformed a number of state-of-the-art machine-learning-based Android malware detection methods as well as commercial antivirus engines.
READ FULL TEXT
