ANDROID MALWARE DETECTION USING MACHINE LEARNING TECHNIQUE ON LOW-PRIVILEGED MONITORABLE FEATURES

Abstract

The Android platform became one of the most vulnerable targets for cyberattacks in recent times due to a rapid surge in malware embedded apps. Researchers have inves- tigated various machine learning techniques for Android malware detection but most of these techniques are inefficient against the novel malware. The various problems like code obfuscation, the requirement of device root privileges, simulated and small size datasets pose serious flaws to the existing solutions. This work evaluates several machine learning models for mitigating these issues using low-privileged monitorable features sampled in the SherLock dataset. The findings of this research conclude that the XGBoost clas- sifier is the most accurate in detecting the malware compared to other classifiers with 93% overall values of precision, recall, and accuracy. In terms of FNR values, which sig- nify the undetected malware, the XGBoost classifier also performs better than the other algorithms with values of 7.0%