Machine Learning Techniques for Distinguishing Android Malware Variants

• Published in: Journal of Applied Data Sciences
• Main Author: Irwansyah I.; Kurniawan T.B.; Dewi D.A.; Zakaria M.Z.; Azmi N.B.
• Format: Article
• Language: English
• Published: Bright Publisher 2025
• Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85216792805&doi=10.47738%2fjads.v6i1.493&partnerID=40&md5=6f45c832f251948849b4c6974ef35868

The advancement of portable devices has been quickly and dramatically reshaping the usage trend and consumer preferences of electronic devices. Android, the most common mobile operating system, has a privilege-separated protection system with a complex access control mechanism. Android apps require permission to get access to confidential personal data and device resources. However, studies have shown that various malicious applications can acquire permission and target systems and applications by misleading users. In this study, we suggest a machine-learning approach to classifying Android malware variants by mining requested permissions, real permissions, suspicious calls, and API calls that were obtained and used in Android malware applications. Selected features were selected using a feature selection called KBest. Feature selection techniques are used to minimize the scale of the features and increase the performance. Two types of Naïve Bayes classifiers, called Multinomial distribution and multivariate Bernoulli distribution, are used and compared in malware family classification for text classification. Both naïve Bayes types are evaluated using a confusion matrix based on 4022 Android malware applications belonging to 10 families. Experimental findings show that the Multinomial distribution offers a reliable performance from three tests experiment with an average accuracy of 95%. © 2024, Bright Publisher. All rights reserved.