College of Computer Science and Information Technology, King Faisal University, P.O. Box 400, Al-Ahsa 31982, Saudi Arabia.
Applied College in Abqaiq, King Faisal University, P.O. Box 400, Al-Ahsa 31982, Saudi Arabia.
Sensors (Basel). 2022 Mar 15;22(6):2268. doi: 10.3390/s22062268.
With the rapid expansion of the use of smartphone devices, malicious attacks against Android mobile devices have increased. The Android system adopted a wide range of sensitive applications such as banking applications; therefore, it is becoming the target of malware that exploits the vulnerabilities of the security system. A few studies proposed models for the detection of mobile malware. Nevertheless, improvements are required to achieve maximum efficiency and performance. Hence, we implemented machine learning and deep learning approaches to detect Android-directed malicious attacks. The support vector machine (SVM), k-nearest neighbors (KNN), linear discriminant analysis (LDA), long short-term memory (LSTM), convolution neural network-long short-term memory (CNN-LSTM), and autoencoder algorithms were applied to identify malware in mobile environments. The cybersecurity system was tested with two Android mobile benchmark datasets. The correlation was calculated to find the high-percentage significant features of these systems in the protection against attacks. The machine learning and deep learning algorithms successfully detected the malware on Android applications. The SVM algorithm achieved the highest accuracy (100%) using the CICAndMal2017 dataset. The LSTM model also achieved a high percentage accuracy (99.40%) using the Drebin dataset. Additionally, by calculating the mean error, mean square error, root mean square error, and Pearson correlation, we found a strong relationship between the predicted values and the target values in the validation phase. The correlation coefficient for the SVM method was R = 100% using the CICAndMal2017 dataset, and LSTM achieved R = 97.39% in the Drebin dataset. Our results were compared with existing security systems, showing that the SVM, LSTM, and CNN-LSTM algorithms are of high efficiency in the detection of malware in the Android environment.
随着智能手机设备的快速普及,针对 Android 移动设备的恶意攻击也在增加。Android 系统采用了广泛的敏感应用程序,如银行应用程序;因此,它正成为利用安全系统漏洞的恶意软件的目标。有一些研究提出了用于检测移动恶意软件的模型。然而,需要改进以实现最高效率和性能。因此,我们实施了机器学习和深度学习方法来检测针对 Android 的恶意攻击。支持向量机 (SVM)、k-最近邻 (KNN)、线性判别分析 (LDA)、长短期记忆 (LSTM)、卷积神经网络-长短期记忆 (CNN-LSTM) 和自动编码器算法被应用于识别移动环境中的恶意软件。该网络安全系统使用两个 Android 移动基准数据集进行了测试。计算了相关性,以找到这些系统在抵御攻击方面的高百分比显著特征。机器学习和深度学习算法成功地检测到了 Android 应用程序中的恶意软件。SVM 算法使用 CICAndMal2017 数据集实现了最高准确率(100%)。LSTM 模型使用 Drebin 数据集也实现了高百分比准确率(99.40%)。此外,通过计算平均误差、均方误差、均方根误差和皮尔逊相关系数,我们在验证阶段发现预测值和目标值之间存在很强的关系。SVM 方法在 CICAndMal2017 数据集上的相关系数为 R=100%,LSTM 在 Drebin 数据集上的相关系数为 R=97.39%。我们的结果与现有的安全系统进行了比较,结果表明 SVM、LSTM 和 CNN-LSTM 算法在检测 Android 环境中的恶意软件方面具有很高的效率。
