Dimensionality Reduction of Feature Set for API Call based Android Malware Classification (API Call 정보 기반의 안드로이드 악성코드 분류를 위한 특성 집합 추출)

Hee-Jin Hwang (황희진); Soojin Lee (이수진)

doi:10.9708/jksci.2021.26.11.041

Dimensionality Reduction of Feature Set for API Call based Android Malware Classification

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2021, 26(11), pp.41-49
DOI : 10.9708/jksci.2021.26.11.041
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science
Received : October 25, 2021
Accepted : November 12, 2021
Published : November 30, 2021

Hee-Jin Hwang ¹, Soojin Lee ¹

¹국방대학교

Accredited

ABSTRACT

All application programs, including malware, call the Application Programming Interface (API) upon execution. Recently, using those characteristics, attempts to detect and classify malware based on API Call information have been actively studied. However, datasets containing API Call information require a large amount of computational cost and processing time. In addition, information that does not significantly affect the classification of malware may affect the classification accuracy of the learning model. Therefore, in this paper, we propose a method of extracting a essential feature set after reducing the dimensionality of API Call information by applying various feature selection methods. We used CICAndMal2020, a recently announced Android malware dataset, for the experiment. After extracting the essential feature set through various feature selection methods, Android malware classification was conducted using CNN (Convolutional Neural Network) and the results were analyzed. The results showed that the selected feature set or weight priority varies according to the feature selection methods. And, in the case of binary classification, malware was classified with 97% accuracy even if the feature set was reduced to 15% of the total size. In the case of multiclass classification, an average accuracy of 83% was achieved while reducing the feature set to 8% of the total size.

KEYWORDS

API-Call, Feature Selection, Dimensionality Reduction, Malware Classification, CNN

Citation status

* References for papers published after 2023 are currently being built.

[web] Statcounter / Mobile Operating System Market Share Worldwide / https://gs.statcounter.com/os-market-share/mobile/worldwide/#monthly-202009-202109

[web] Statcounter / Mobile Operating System Market Share Worldwide / https://gs.statcounter.com/os-market-share/mobile/south-korea/#monthly-202009-202109

[web] GDATA / Some 343 new Android malware samples every hour in 2017 / https://www.gdatasoftware.com/blog/2018/02/30491–some-343-new-android-malware-samples-every-hour-in-2017

[confproc] Abir Rahali / 2020 / DIDroid: Android Malware Classification and Characterization Using Deep Image Learning / 10th International Conference on Communication and Network Security (ICCNS2020) : 70~82

[confproc] Naser Peiravian / 2014 / Machine Learning for Android Malware Detection Using Permission and API Calls / 2013 IEEE 25th International Conference on Tools with Artificial Intelligence : 300~305

[journal] Lucky Onwuzurike / 2019 / MaMaDroid / ACM Transactions on Privacy and Security / Association for Computing Machinery (ACM) 22(2) : 1~34

[journal] Andrea De Lorenzo / 2020 / Visualizing the outcome of dynamic analysis of Android malware with VizMal / Journal of Information Security and Applications / Elsevier BV 50 : 102423~

[confproc] David Sean Keyes / 2021 / EntropLyzer: Android Malware Classification and Characterization Using Entropy Analysis of Dynamic Characteristics / 2021 Reconciling Data Analytics, Automation, Privacy, and Security: A Big Data Challenge (RDAAPS) 2021 : 1~8

[journal] Suleiman Y. Yerima / 2019 / Machine learning-based dynamic analysis of Android apps with improved code coverage / EURASIP Journal on Information Security / Springer Science and Business Media LLC 2019(1)

[confproc] Laya Taheri / 2019 / Extensible Android Malware Detection and Family Classification Using Network-Flows and API-Calls / 2019 International Carnahan Conference on Security Technology (ICCST)) : 1~8

[journal] Rizgar Zebari / 2020 / A Comprehensive Review of Dimensionality Reduction Techniques for Feature Selection and Feature Extraction / Journal of Applied Science and Technology Trends / Interdisciplinary Publishing Academia 1(2) : 56~70

[journal] I. Sumaiya Thaseen / 2019 / Integrated Intrusion Detection Model Using Chi-Square Feature Selection and Ensemble of Classifiers / Arabian Journal for Science and Engineering / Springer Science and Business Media LLC 44(4) : 3357~3368

[confproc] B Jyothi Kumar / 2019 / Logistic regression for polymorphic malware detection using ANOVA F-test / 2017 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS) : 1~34

[journal] N. Hoque / 2014 / MIFS-ND: A mutual information-based feature selection method / Expert Systems with Applications / Elsevier BV 41(14) : 6371~6385

[journal] Matthias Reif / 2014 / Efficient feature size reduction via predictive forward selection / Pattern Recognition / Elsevier BV 47(4) : 1664~1673

[confproc] Hoai Bach Nguyen / 2014 / Filter based backward elimination in wrapper based PSO for feature selection in classification / 2014 IEEE Congress on Evolutionary Computation (CEC) : 3111~3118

[confproc] R Muthukrishnan / 2017 / LASSO: A feature selection technique in predictive modeling for machine learning / 2016IEEE International Conference on Advances in Computer Applications (ICACA) : 18~20

[journal] Saurabh Paul / 2016 / Feature Selection for Ridge Regression with Provable Guarantees / Neural Computation / MIT Press - Journals 28(4) : 716~742

[journal] Hui Zou / 2005 / Regularization and variable selection via the elastic net / Journal of the Royal Statistical Society: Series B (Statistical Methodology) / Wiley 67(2) : 301~320

[journal] Howida Abuabker Alkaaf / 2020 / Exploring permissions in android applications using ensemble-based extra tree feature selection / Indonesian Journal of Electrical Engineering and Computer Science / Institute of Advanced Engineering and Science 19(1) : 543~

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Dimensionality Reduction of Feature Set for API Call based Android Malware Classification

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Dimensionality Reduction of Feature Set for API Call based Android Malware Classification

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (1)

REFERENCES (20) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.