Coder Social home page Coder Social logo

android_malware_detection's Introduction

Android Malware Detection Using Machine Learning

In signature based malware detection, antivirus program looks for signature which is nothing but sequence of byte in a particular file to declare the file as malicious. For polymorphic and unknown viruses, signature based detection system fails because polymorphic viruses are encrypted viruses and they are changing decryptor loop on each infection without changing actual code and for unknown viruses there is no signature present in antivirus database. Machine learning-based malware detection uses algorithms to identify patterns and behaviors characteristic of malware, without relying on previously known signatures. This type of non-signature based detection can be more effective in detecting unknown or evolving threats.
Hence, non-signature based approach to detect malware on the basis of an integrated feature set prepared by processing Portable executable (PE) file’s header fields values. The machine learning based method utilizes the structural and behavioral features of malware and benign programs to build a classification model to identify a given sample program as malware or benign.
With AndroGuard, one can examine the structure of an APK, extract and analyze its components, and extract features such as permissions, activities, and services. The library also provides a convenient API for accessing and manipulating the data, making it a useful tool for security researchers, Android developers, and anyone interested in analyzing Android applications.
Our aim was to use some of the major properties of an APK like Android Permissions as features to train several machine learning and deep learning models. We have analysed the accuracy of these models for the test data and it gave us some promising results. The models were performing very well on the new and unseen APKs. Android malware detection using file permissions involves analyzing the permissions of files and directories on the device to identify any malicious behavior.

ML Algorithms such as Logistic Regression, Random Forest Classifier, Gradient Boosting Classifier are implemented individually and then combined into a stacking model for better performance.

Data Analytics

Logistic Regression


Random Forest Classifier

Gradient Boosting Classifier

Stacking Model

Publication

IRJET Journal

android_malware_detection's People

Contributors

gayatri-shahane avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.