High Accuracy Detection of Mobile Malware Using Machine Learning

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Networks".

Deadline for manuscript submissions: closed (31 October 2022) | Viewed by 52204

Printed Edition Available!
A printed edition of this Special Issue is available here.

Special Issue Editor


Guest Editor
Cyber Technology Institute, School of Computer Science and Informatics, De Montfort University, The Gateway, Leicester LE1 9BH, UK
Interests: malware analysis and detection; applied machine learning; mobile security; transparent authentication; IoT security; intrusion detection systems

Special Issue Information

Dear Colleagues,

Smartphones have become pervasive in modern life, thus leading to mobile operating systems such as Android and iOS becoming increasingly targeted by malicious software (malware). Mobile malware has witnessed an explosive growth in the past few years. In 2019, a leading anti-malware vendor reported that over six million new mobile malware samples were discovered in the previous year. With such an increase in mobile malware, the limits of traditional signature-based antivirus scanning have been stretched. This has led to the emergence of machine-learning-based detection as a complementary solution to traditional antivirus scanning. Although machine-learning-based mobile malware detection has continued to attract great research interest, many challenges remain as emerging mobile malware families continue to exhibit more sophisticated capabilities and stealthy evasive techniques.

This Special Issue calls for contributions that focus on novel, efficient and high-accuracy detection of malware on the mobile platform using machine learning. The Special Issue invites authors to submit high-quality research papers reporting the latest results and innovative approaches featuring robust, scalable, obfuscation-resilient, attack-resistant machine learning techniques. The scope of the topics for this Special Issue includes (but is not limited to) the following:

  • Systematic review of the latest machine-learning-based mobile malware research
  • Novel machine learning techniques applied to mobile malware
  • Deep-learning-based detection of mobile malware
  • Novel supervised and unsupervised learning techniques
  • Classifier fusion and ensemble-learning-based approaches
  • Novel system architectures for mobile malware detection
  • Network-based machine-learning-driven detection systems
  • Edge/fog computing machine-learning-based detection systems
  • Cloud-based/cloud-assisted large-scale detection systems
  • Adversarial machine learning techniques
  • Mitigating long-term performance decline

Dr. Suleiman Yerima
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Systematic review of the latest machine-learning-based mobile malware research
  • Novel machine learning techniques applied to mobile malware
  • Deep-learning-based detection of mobile malware
  • Novel supervised and unsupervised learning techniques
  • Classifier fusion and ensemble-learning-based approaches
  • Novel system architectures for mobile malware detection
  • Network-based machine-learning-driven detection systems
  • Edge/fog computing machine-learning-based detection systems
  • Cloud-based/cloud-assisted large-scale detection systems
  • Adversarial machine learning techniques
  • Mitigating long-term performance decline

Published Papers (11 papers)


Editorial


3 pages, 178 KiB  
Editorial
High Accuracy Detection of Mobile Malware Using Machine Learning
by Suleiman Y. Yerima
Electronics 2023, 12(6), 1408; https://doi.org/10.3390/electronics12061408 - 15 Mar 2023
Viewed by 1127
Abstract
As smartphones and other mobile and IoT devices have become pervasive in everyday life, malicious software (malware) authors are increasingly targeting the operating systems that are at the core of these mobile systems [...]
(This article belongs to the Special Issue High Accuracy Detection of Mobile Malware Using Machine Learning)

Research


13 pages, 563 KiB  
Article
Detecting Browser Drive-By Exploits in Images Using Deep Learning
by Patricia Iglesias, Miguel-Angel Sicilia and Elena García-Barriocanal
Electronics 2023, 12(3), 473; https://doi.org/10.3390/electronics12030473 - 17 Jan 2023
Cited by 3 | Viewed by 1564
Abstract
Steganography is the set of techniques aiming to hide information in messages as images. Recently, steganographic techniques have been combined with polyglot attacks to deliver exploits in Web browsers. Machine learning approaches have been proposed in previous works as a solution for detecting steganography in images, but the specifics of hiding exploit code have not been systematically addressed to date. This paper proposes the use of deep learning methods for such detection, accounting for the specifics of the situation in which the images and the malicious content are delivered using Spatial and Frequency Domain Steganography algorithms. The methods were evaluated by using benchmark image databases with collections of JavaScript exploits, for different density levels and steganographic techniques in images. A convolutional neural network was built to classify the infected images with a validation accuracy around 98.61% and a validation AUC score of 99.75%.

17 pages, 599 KiB  
Article
Digital Forensics Classification Based on a Hybrid Neural Network and the Salp Swarm Algorithm
by Moutaz Alazab, Ruba Abu Khurma, Albara Awajan and Mohammad Wedyan
Electronics 2022, 11(12), 1903; https://doi.org/10.3390/electronics11121903 - 17 Jun 2022
Cited by 7 | Viewed by 1972
Abstract
In recent times, cybercrime has increased significantly and dramatically. This made the need for Digital Forensics (DF) urgent. The main objective of DF is to keep proof in its original state by identifying, collecting, analyzing, and evaluating digital data to rebuild past acts. The proof of cybercrime can be found inside a computer’s system files. This paper investigates the viability of Multilayer perceptron (MLP) in DF application. The proposed method relies on analyzing the file system in a computer to determine if it is tampered by a specific computer program. A dataset describes a set of features of file system activities in a given period. These data are used to train the MLP and build a training model for classification purposes. Identifying the optimal set of MLP parameters (weights and biases) is a challenging matter in training MLPs. Using traditional training algorithms causes stagnation in local minima and slow convergence. This paper proposes a Salp Swarm Algorithm (SSA) as a trainer for MLP using an optimized set of MLP parameters. SSA has proved its applicability in different applications and obtained promising optimization results. This motivated us to apply SSA in the context of DF to train MLP as it was never used for this purpose before. The results are validated by comparisons with other meta-heuristic algorithms. The SSAMLP-DF is the best algorithm because it achieves the highest accuracy results, minimum error rate, and best convergence scale.

18 pages, 523 KiB  
Article
A Novel Android Botnet Detection System Using Image-Based and Manifest File Features
by Suleiman Y. Yerima and Abul Bashar
Electronics 2022, 11(3), 486; https://doi.org/10.3390/electronics11030486 - 08 Feb 2022
Cited by 12 | Viewed by 3425
Abstract
Malicious botnet applications have become a serious threat and are increasingly incorporating sophisticated detection avoidance techniques. Hence, there is a need for more effective mitigation approaches to combat the rise of Android botnets. Although the use of Machine Learning to detect botnets has been a focus of recent research efforts, several challenges remain. To overcome the limitations of using hand-crafted features for Machine-Learning-based detection, in this paper, we propose a novel mobile botnet detection system based on features extracted from images and a manifest file. The scheme employs a Histogram of Oriented Gradients and byte histograms obtained from images representing the app executable and combines these with features derived from the manifest files. Feature selection is then applied to utilize the best features for classification with Machine-Learning algorithms. The proposed system was evaluated using the ISCX botnet dataset, and the experimental results demonstrate its effectiveness with F1 scores ranging from 0.923 to 0.96 using popular Machine-Learning algorithms. Furthermore, with the Extra Trees model, up to 97.5% overall accuracy was obtained using an 80:20 train–test split, and 96% overall accuracy was obtained using 10-fold cross validation.

17 pages, 1671 KiB  
Article
An Efficient Method for Generating Adversarial Malware Samples
by Yuxin Ding, Miaomiao Shao, Cai Nie and Kunyang Fu
Electronics 2022, 11(1), 154; https://doi.org/10.3390/electronics11010154 - 04 Jan 2022
Cited by 4 | Viewed by 1975
Abstract
Deep learning methods have been applied to malware detection. However, deep learning algorithms are not safe, which can easily be fooled by adversarial samples. In this paper, we study how to generate malware adversarial samples using deep learning models. Gradient-based methods are usually used to generate adversarial samples. These methods generate adversarial samples case-by-case, which is very time-consuming to generate a large number of adversarial samples. To address this issue, we propose a novel method to generate adversarial malware samples. Different from gradient-based methods, we extract feature byte sequences from benign samples. Feature byte sequences represent the characteristics of benign samples and can affect classification decision. We directly inject feature byte sequences into malware samples to generate adversarial samples. Feature byte sequences can be shared to produce different adversarial samples, which can efficiently generate a large number of adversarial samples. We compare the proposed method with the randomly injecting and gradient-based methods. The experimental results show that the adversarial samples generated using our proposed method have a high successful rate.

10 pages, 1572 KiB  
Article
A Novel Monte-Carlo Simulation-Based Model for Malware Detection (eRBCM)
by Muath Alrammal, Munir Naveed and Georgios Tsaramirsis
Electronics 2021, 10(22), 2881; https://doi.org/10.3390/electronics10222881 - 22 Nov 2021
Cited by 1 | Viewed by 1718
Abstract
The use of innovative and sophisticated malware definitions poses a serious threat to computer-based information systems. Such malware is adaptive to the existing security solutions and often works without detection. Once malware completes its malicious activity, it self-destructs and leaves no obvious signature for detection and forensic purposes. The detection of such sophisticated malware is very challenging and a non-trivial task because of the malware’s new patterns of exploiting vulnerabilities. Any security solutions require an equal level of sophistication to counter such attacks. In this paper, a novel reinforcement model based on Monte-Carlo simulation called eRBCM is explored to develop a security solution that can detect new and sophisticated network malware definitions. The new model is trained on several kinds of malware and can generalize the malware detection functionality. The model is evaluated using a benchmark set of malware. The results prove that eRBCM can identify a variety of malware with immense accuracy.

28 pages, 2527 KiB  
Article
Detection of Malicious Software by Analyzing Distinct Artifacts Using Machine Learning and Deep Learning Algorithms
by Mathew Ashik, A. Jyothish, S. Anandaram, P. Vinod, Francesco Mercaldo, Fabio Martinelli and Antonella Santone
Electronics 2021, 10(14), 1694; https://doi.org/10.3390/electronics10141694 - 15 Jul 2021
Cited by 8 | Viewed by 3691
Abstract
Malware is one of the most significant threats in today’s computing world since the number of websites distributing malware is increasing at a rapid rate. Malware analysis and prevention methods are increasingly becoming necessary for computer systems connected to the Internet. This software exploits the system’s vulnerabilities to steal valuable information without the user’s knowledge, and stealthily send it to remote servers controlled by attackers. Traditionally, anti-malware products use signatures for detecting known malware. However, the signature-based method does not scale in detecting obfuscated and packed malware. Considering that the cause of a problem is often best understood by studying the structural aspects of a program like the mnemonics, instruction opcode, API Call, etc. In this paper, we investigate the relevance of the features of unpacked malicious and benign executables like mnemonics, instruction opcodes, and API to identify a feature that classifies the executable. Prominent features are extracted using Minimum Redundancy and Maximum Relevance (mRMR) and Analysis of Variance (ANOVA). Experiments were conducted on four datasets using machine learning and deep learning approaches such as Support Vector Machine (SVM), Naïve Bayes, J48, Random Forest (RF), and XGBoost. In addition, we also evaluate the performance of the collection of deep neural networks like Deep Dense network, One-Dimensional Convolutional Neural Network (1D-CNN), and CNN-LSTM in classifying unknown samples, and we observed promising results using APIs and system calls. On combining APIs/system calls with static features, a marginal performance improvement was attained comparing models trained only on dynamic features. Moreover, to improve accuracy, we implemented our solution using distinct deep learning methods and demonstrated a fine-tuned deep neural network that resulted in an F1-score of 99.1% and 98.48% on Dataset-2 and Dataset-3, respectively.

17 pages, 1689 KiB  
Article
Deep Learning Techniques for Android Botnet Detection
by Suleiman Y. Yerima, Mohammed K. Alzaylaee, Annette Shajan and Vinod P
Electronics 2021, 10(4), 519; https://doi.org/10.3390/electronics10040519 - 23 Feb 2021
Cited by 29 | Viewed by 4072
Abstract
Android is increasingly being targeted by malware since it has become the most popular mobile operating system worldwide. Evasive malware families, such as Chamois, designed to turn Android devices into bots that form part of a larger botnet are becoming prevalent. This calls for more effective methods for detection of Android botnets. Recently, deep learning has gained attention as a machine learning based approach to enhance Android botnet detection. However, studies that extensively investigate the efficacy of various deep learning models for Android botnet detection are currently lacking. Hence, in this paper we present a comparative study of deep learning techniques for Android botnet detection using 6802 Android applications consisting of 1929 botnet applications from the ISCX botnet dataset. We evaluate the performance of several deep learning techniques including: CNN, DNN, LSTM, GRU, CNN-LSTM, and CNN-GRU models using 342 static features derived from the applications. In our experiments, the deep learning models achieved state-of-the-art results based on the ISCX botnet dataset and also outperformed the classical machine learning classifiers.

23 pages, 8107 KiB  
Article
Ensemble-Based Classification Using Neural Networks and Machine Learning Models for Windows PE Malware Detection
by Robertas Damaševičius, Algimantas Venčkauskas, Jevgenijus Toldinas and Šarūnas Grigaliūnas
Electronics 2021, 10(4), 485; https://doi.org/10.3390/electronics10040485 - 18 Feb 2021
Cited by 64 | Viewed by 6814
Abstract
The security of information is among the greatest challenges facing organizations and institutions. Cybercrime has risen in frequency and magnitude in recent years, with new ways to steal, change and destroy information or disable information systems appearing every day. Among the types of penetration into the information systems where confidential information is processed is malware. An attacker injects malware into a computer system, after which he has full or partial access to critical information in the information system. This paper proposes an ensemble classification-based methodology for malware detection. The first-stage classification is performed by a stacked ensemble of dense (fully connected) and convolutional neural networks (CNN), while the final stage classification is performed by a meta-learner. For a meta-learner, we explore and compare 14 classifiers. For a baseline comparison, 13 machine learning methods are used: K-Nearest Neighbors, Linear Support Vector Machine (SVM), Radial basis function (RBF) SVM, Random Forest, AdaBoost, Decision Tree, ExtraTrees, Linear Discriminant Analysis, Logistic, Neural Net, Passive Classifier, Ridge Classifier and Stochastic Gradient Descent classifier. We present the results of experiments performed on the Classification of Malware with PE headers (ClaMP) dataset. The best performance is achieved by an ensemble of five dense and CNN neural networks, and the ExtraTrees classifier as a meta-learner.

Review


28 pages, 2037 KiB  
Review
Business Email Compromise Phishing Detection Based on Machine Learning: A Systematic Literature Review
by Hany F. Atlam and Olayonu Oluwatimilehin
Electronics 2023, 12(1), 42; https://doi.org/10.3390/electronics12010042 - 22 Dec 2022
Cited by 10 | Viewed by 5577
Abstract
The risk of cyberattacks against businesses has risen considerably, with Business Email Compromise (BEC) schemes taking the lead as one of the most common phishing attack methods. The daily evolution of this assault mechanism’s attack methods has shown a very high level of proficiency against organisations. Since the majority of BEC emails lack a payloader, they have become challenging for organisations to identify or detect using typical spam filtering and static feature extraction techniques. Hence, an efficient and effective BEC phishing detection approach is required to provide an effective solution to various organisations to protect against such attacks. This paper provides a systematic review and examination of the state of the art of BEC phishing detection techniques to provide a detailed understanding of the topic to allow researchers to identify the main principles of BEC phishing detection, the common Machine Learning (ML) algorithms used, the features used to detect BEC phishing, and the common datasets used. Based on the selected search strategy, 38 articles (of 950 articles) were chosen for closer examination. Out of these articles, the contributions of the selected articles were discussed and summarised to highlight their contributions as well as their limitations. In addition, the features of BEC phishing used for detection were provided, as well as the ML algorithms and datasets that were used in BEC phishing detection models were discussed. In the end, open issues and future research directions of BEC phishing detection based on ML were discussed.

34 pages, 2226 KiB  
Review
Android Mobile Malware Detection Using Machine Learning: A Systematic Review
by Janaka Senanayake, Harsha Kalutarage and Mhd Omar Al-Kadri
Electronics 2021, 10(13), 1606; https://doi.org/10.3390/electronics10131606 - 05 Jul 2021
Cited by 43 | Viewed by 17401
Abstract
With the increasing use of mobile devices, malware attacks are rising, especially on Android phones, which account for 72.2% of the total market share. Hackers try to attack smartphones with various methods such as credential theft, surveillance, and malicious advertising. Among numerous countermeasures, machine learning (ML)-based methods have proven to be an effective means of detecting these attacks, as they are able to derive a classifier from a set of training examples, thus eliminating the need for an explicit definition of the signatures when developing malware detectors. This paper provides a systematic review of ML-based Android malware detection techniques. It critically evaluates 106 carefully selected articles and highlights their strengths and weaknesses as well as potential improvements. Finally, the ML-based methods for detecting source code vulnerabilities are discussed, because it might be more difficult to add security after the app is deployed. Therefore, this paper aims to enable researchers to acquire in-depth knowledge in the field and to identify potential future research and development directions.
