A Novel Wavelet-Based Model For Android Malware Detection Utilizing System Calls Features

A Novel Wavelet-Based Model For Android Malware Detection Utilizing System Calls Features

연구 분야: Safety

학회: Journal of Network and Systems Management

Security is a critical concern in the Android ecosystem, as the ability to install applications from unverified sources exposes devices to potential malware infiltration and malicious attacks. Malware classification presents significant challenges in mobile malware detection, with dynamic analysis playing a pivotal role in intrusion detection systems (IDS). This process involves the real-time examination of application behavior, enabling the extraction of dynamic patterns exhibited by malware. System calls, provided by the device’s operating system and accessible by user applications, are extensively used in machine learning methods for malware detection. Enhancing system call feature selection is critical for improving machine learning-based detection performance. In this paper, we propose a novel approach leveraging wavelets to enhance the detection of various Android malware types, including adware, riskware, banking malware, and SMS malware. Our methodology employs the Chi-Square test for feature selection and utilizes the Haar wavelet to transform the selected attributes into wavelet coefficients. Several machine learning classifiers, such as Decision Tree (DT), Support Vector Machine (SVM), Random Forest (RF), and Neural Network (NN), are evaluated in our experiments. Performance is assessed using metrics such as Accuracy, Recall, F-Score, and Precision. Among the evaluated models, the Random Forest classifier, combined with wavelet-based feature selection, achieved the highest performance, attaining an impressive accuracy rate of 99.99%. The results unequivocally demonstrate the effectiveness of the proposed model in detecting Android malware.