Abstract
This paper introduces and tests a novel machine learning approach to detect Android malware. The proposed approach is composed of a Support Vector Machine (SVM) classifier and the Harris Hawks Optimization (HHO) algorithm. More specifically, the role of the HHO algorithm is to optimize the SVM classifier's hyperparameters, while the SVM performs the classification of malware based on the best-chosen model, as well as producing the optimal solution for weighting the features. The effectiveness of the proposed approach and its ability to increase detection performance are demonstrated by scientific testing using CICMalAnal2017 sampled datasets. We tested our method and its robustness on five sampled datasets and achieved the best results in most datasets and measures when compared with other approaches. We also illustrate the ability of the proposed approach to measure the significance of each feature. In addition, we provide a deep analysis of possible relationships between weighted features and the type of malware attack. The results show that the proposed approach outperforms the other metaheuristic algorithms and state-of-the-art classifiers.
Data availability
The datasets generated during and/or analyzed during the current study are available from the corresponding author on reasonable request.
Acknowledgements
The research reported in this publication was supported by the Deanship of Scientific Research and Innovation at Al-Balqa Applied University in Jordan (Grant Number: DSR-2020#227).
Funding
The research reported in this publication was funded by the Deanship of Scientific Research and Innovation at Al-Balqa Applied University, Al-Salt, Jordan (Grant Number: DSR-2020#227).
Author information
Contributions
All authors contributed to the study conception and design. Material preparation, data collection and analysis were performed by OAA, JAA and AMA-Z. The first draft of the manuscript was written by MAH and UK. All authors commented on previous versions of the manuscript, read and approved the final manuscript.
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest. The authors declare that there is no conflict of interest regarding the publication of this paper.
Human and animal rights statement
This article does not contain any studies with human participants or animals performed by any of the authors.
Informed consent statement
None.
About this article
Cite this article
Alzubi, O.A., Alzubi, J.A., Al-Zoubi, A.M. et al. An efficient malware detection approach with feature weighting based on Harris Hawks optimization. Cluster Comput 25, 2369–2387 (2022). https://doi.org/10.1007/s10586-021-03459-1
DOI: https://doi.org/10.1007/s10586-021-03459-1