| Name: | Description: | Size: | Format: | |
|---|---|---|---|---|
| 2.83 MB | Adobe PDF |
Authors
Advisor(s)
Abstract(s)
A presença de software malicioso (malware) em, por exemplo, aplicações Android, tem consequências prejudiciais e irreparáveis para o utilizador e/ou o dispositivo. Apesar das app stores providenciarem proteções para restringir aplicações contendo malware, este continua a crescer em sofisticação e difusão. Neste trabalho, exploramos técnicas de Aprendizagem Automática (AA) para deteção de malware em aplicações Android. Com foco no estudo de diferentes técnicas de pré-processamento, redução de dimensionalidade e classificação, avaliando a capacidade de generalização do modelo usando conjuntos de dados standard e de domínio público. Com base na literatura e nos nossos resultados experimentais, concluímos que os classificadores que apresentam melhor desempenho na deteção de malware em aplicações Android são Support Vector Machine (SVM) e Random Forest (RF). É dado ênfase à Seleção de Atributos (SA), que reduz a dimensionalidade dos dados e identifica os atributos mais decisivos para classificação de malware em Android. Aplicam-se diferentes métricas de avaliação ao modelo e comparam-se os resultados experimentais com os reportados na literatura. O objetivo deste estudo é o desenvolvimento de um protótipo que recorra a técnicas de AA para detetar malware em aplicações Android. A nossa abordagem é capaz de identificar os atributos mais relevantes para classificar uma aplicação como maliciosa. Nomeadamente, concluímos que as permissões se destacam na deteção de malware em Android. A abordagem proposta reduz a imensionalidade dos dados enquanto apresenta uma alta acurácia na identificação de malware em aplicações Android.MFSPV outperforms DLAPP in computational efficiency, but DLAPP achieves a slightly lower network latency. Nevertheless, both only introduce an additional 11% delay in hybrid end-to-end communications. Hybrid communication imposes, on average, an extra 28.29ms of end-to-end time. The proposal shows promise as it reaches end-to-end times below the latency requirements imposed in most C-ITS use cases.
The presence of malicious software (malware), for example, in Android applications (apps), has harmful or irreparable consequences to the user and/or the device. Despite the protections app stores provide to restrict apps containing malware, it keeps growing both in sophistication and diffusion. In this work, we explore the use of Machine Learning (ML) techniques to detect malware in Android apps. The focus is on the study of different data pre-processing, dimensionality reduction, and classification techniques, assessing the generalisation ability of the learned models using standard and public domain datasets. From the literature and our own experimental results, it can be concluded that the classifiers that achieve the best performance in Android malware detection are the Support Vector Machine (SVM) and Random Forest (RF). We also emphasise Feature Selection (FS), which reduces the data’s dimensionality and identifies the most relevant features in Android malware classification. Different evaluationmetrics are applied to the learned model and compared against the experimental results found in the literature.The final goal of this study was the development of a prototype that resorts to ML techniques to detect malware in Android apps. Our approach is able to identify the most relevant features to classify an app as malicious. Namely, we conclude that permissions play a prominent role in Androidmalware detection. The proposed approach reduced the data dimensionality while achieving high accuracy in identifying malware in Android apps.
The presence of malicious software (malware), for example, in Android applications (apps), has harmful or irreparable consequences to the user and/or the device. Despite the protections app stores provide to restrict apps containing malware, it keeps growing both in sophistication and diffusion. In this work, we explore the use of Machine Learning (ML) techniques to detect malware in Android apps. The focus is on the study of different data pre-processing, dimensionality reduction, and classification techniques, assessing the generalisation ability of the learned models using standard and public domain datasets. From the literature and our own experimental results, it can be concluded that the classifiers that achieve the best performance in Android malware detection are the Support Vector Machine (SVM) and Random Forest (RF). We also emphasise Feature Selection (FS), which reduces the data’s dimensionality and identifies the most relevant features in Android malware classification. Different evaluationmetrics are applied to the learned model and compared against the experimental results found in the literature.The final goal of this study was the development of a prototype that resorts to ML techniques to detect malware in Android apps. Our approach is able to identify the most relevant features to classify an app as malicious. Namely, we conclude that permissions play a prominent role in Androidmalware detection. The proposed approach reduced the data dimensionality while achieving high accuracy in identifying malware in Android apps.
Description
Dissertação para obtenção do Grau de Mestre em Engenharia Informática e de Computadores
Keywords
Aplicações android Aprendizagem automática Aprendizagem supervisionada Conjuntos de dados Deteção de malware Segurança Seleção de atributos Android applications Datasets Feature selection Machine learning Malware detection Security
Citation
Palma, Catarina Rodrigues- Malware detection in android applications with machine learning techniques. Lisboa: Instituto Superior de Engenharia de Lisboa, 2023. Dissertação de Mestrado