An efficient malware detection approach with feature weighting based on Harris Hawks optimization

Cluster Computing

Abstract

This paper introduces and tests a novel machine learning approach to detect Android malware. The proposed approach combines a Support Vector Machine (SVM) classifier with the Harris Hawks Optimization (HHO) algorithm. More specifically, the role of the HHO algorithm is to optimize the SVM classifier's hyperparameters, while the SVM performs the classification of malware based on the best-chosen model and produces the optimal solution for weighting the features. The effectiveness of the proposed approach and its ability to increase detection performance are demonstrated by scientific testing using CICMalAnal2017 sampled datasets. We test our method and its robustness on five sampled datasets and achieve the best results in most datasets and measures when compared with other approaches. We also illustrate the ability of the proposed approach to measure the significance of each feature. In addition, we provide a deep analysis of possible relationships between weighted features and the type of malware attack. The results show that the proposed approach outperforms the other metaheuristic algorithms and state-of-the-art classifiers.

Data availability

The datasets generated during and/or analyzed during the current study are available from the corresponding author on reasonable request.

Acknowledgements

The research reported in this publication was supported by the Deanship of Scientific Research and Innovation at Al-Balqa Applied University in Jordan (Grant Number: DSR-2020#227).

Funding

The research reported in this publication was funded by the Deanship of Scientific Research and Innovation at Al-Balqa Applied University, Al-Salt, Jordan (Grant Number: DSR-2020#227).

Author information

Contributions

All authors contributed to the study conception and design. Material preparation, data collection and analysis were performed by OAA, JAA and AMA-Z. The first draft of the manuscript was written by MAH and UK. All authors commented on previous versions of the manuscript, read and approved the final manuscript.

Corresponding author

Correspondence to Omar A. Alzubi.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest. The authors declare that there is no conflict of interest regarding the publication of this paper.

Human and animal rights statement

This article does not contain any studies with human participants or animals performed by any of the authors.

Informed consent statement

None.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Alzubi, O.A., Alzubi, J.A., Al-Zoubi, A.M. et al. An efficient malware detection approach with feature weighting based on Harris Hawks optimization. Cluster Comput 25, 2369–2387 (2022). https://doi.org/10.1007/s10586-021-03459-1

  • DOI: https://doi.org/10.1007/s10586-021-03459-1
