SMARTPHONE MALWARE DETECTION BASED ON ENHANCED CORRELATION-BASED FEATURE SELECTION ON PERMISSIONS

Abstract

In the present day, smartphones are becoming increasingly ubiquitous, with people of all ages relying on them for daily use. The number of app downloads continues to skyrocket, with 1.6 million apps downloaded every hour in 2022, amounting to a staggering total of 142.6 billion downloads. Google Play outpaces iOS with 110.1 billion downloads compared to iOS's 32.6 billion. Given the growing threat of malware applications for Android users, it is essential to quickly and effectively identify such apps. App permissions represent a promising approach to malware detection, particularly for Android users. Researchers are actively exploring various techniques for analyzing app permissions to enhance the accuracy of malware detection. Overall, understanding the importance of app permissions in identifying potentially harmful apps is a critical step in protecting smartphone users from malware threats. In our thesis, we have successfully employed the Enhanced Correlation-based Feature Selection (ECFS) technique to discern the nature of mobile applications, distinguishing between malicious and non-malicious ones. This approach leverages both feature-feature and feature-class correlation scores, specifically the ENMRS and crRelevance measures, to compute the relevance of each feature. By employing ECFS, we were able to identify the most informative features for accurate prediction. We further assessed the performance of various Machine Learning Techniques by utilizing the ECFS scores. Notably, we achieved the highest accuracy of 92.25% by employing the Random Forest ML Technique. This accuracy was obtained by setting the n1 and n2 values to 0.9 and 0.1, respectively. Our findings highlight the effectiveness of ECFS in enhancing the prediction accuracy for distinguishing between malicious and non-malicious apps, with Random Forest emerging as the most successful MI, Technique in this regard.