A mobile malware detection framework based on ensemble classifier of multiple N-Gram opcode probability output

Anuar, Noor Azleen (2023) A mobile malware detection framework based on ensemble classifier of multiple N-Gram opcode probability output. Masters thesis, Universiti Teknikal Malaysia Melaka.


Abstract

Advances in mobile devices let users carry out a variety of activities, including surfing the internet, making online banking transactions and engaging in social networking, which in turn increases the usage of mobile devices. This scenario opens the possibility for cybercriminals to launch mobile malware attacks against users. The complexity of detecting mobile malware also contributes to the possibility of mobile malware remaining dormant in the application store, which can expose users to being tricked into installing the infected programs. Current mobile malware detection methods such as static analysis and signature-based detection can address these issues, but they can find it very difficult to detect zero-day or obfuscated code because they rely on a unique signature. Meanwhile, dynamic analysis and anomaly-based detection can curb the problem, yet they can result in a relatively high rate of false alerts. In addition, a single model classifier is not strong enough to produce a good detection result. For this reason, this research intends to enhance the current Mobile Malware Detection (MMD) Framework using multiple N-Gram opcode probability outputs and a weighted ensemble to improve the accuracy, TPR, and FPR. The aim of this research is to identify the features of malicious activity in mobile malware applications through static analysis. The features obtained were used in formulating and evaluating the enhanced MMD Framework. The generated N-Gram opcode sequences represent the malicious features, and a feature selection method is used to search for the optimum features. Additionally, the weighted ensemble method is introduced to combine several probability outputs from multiple classification models. Particle Swarm Optimization is used to search for the optimum weights to be used together with the probability outputs to improve mobile malware detection.
In conclusion, the proposed MMD Framework has shown enhanced performance, with an accuracy of 96.55%, TPR of 99.10%, and FPR of 0.90%. Based on these encouraging results, future studies could explore the possibility of using a dynamic analysis detection approach and applying n-grams to features other than opcode sequences. Ultimately, other datasets and other mobile malware variants should also be explored in the future.

Item Type: Thesis (Masters)
Uncontrolled Keywords: Mobile devices, Mobile malware, Cybercrime
Subjects: T Technology > T Technology (General)
T Technology > TK Electrical engineering. Electronics Nuclear engineering
Divisions: Library > Tesis > FTMK
Depositing User: Muhamad Hafeez Zainudin
Date Deposited: 16 Dec 2024 08:06
Last Modified: 16 Dec 2024 08:06
URI: http://eprints.utem.edu.my/id/eprint/28279