Abstract

Android malware growth has been increasing dramatically along with increasing of the diversity and complicity of their developing techniques. Machine learning techniques are the current methods to model patterns of static features and dynamic behaviors of Android malware. Whereas the accuracy rates of the classifiers increase with increasing the quality of the features, we relate between the apps' features and the features that are needed to deliver the category's functionality. Differently, our classification approach defines legitimate static features for benign apps under a specific category as opposite to identifying malicious patterns. We utilize the features of the top rated apps in a specific category to learn a malware detection classifier for the given category. Android apps stores organize apps into different categories; For example, Google play store organizes apps into 26 categories such as: Health and Fitness, News and Magazine, Music and Audio, etc. Each category has its distinct functionality which means the apps under a specific category are similar in their static and dynamic features. In general, benign apps under a certain category tend to share a common set of features. On the contrary, malicious apps tend to request abnormal features, less or more than what are common for the category that they belong to. This study proposes category-based machine learning classifiers to enhance the performance of classification models at detecting malicious apps under a certain category. The intensive machine learning experiments proved that category-based classifiers report a remarkable higher average performance compared to non-category based.

Library of Congress Subject Headings

Android (Electronic resource)--Security measures; Malware (Computer software); Machine learning; Learning classifier systems; Classification--Data processing

Publication Date

6-2016

Document Type

Thesis

Student Type

Graduate

Degree Name

Computing Security (MS)

Department, Program, or Center

Department of Computing Security (GCCIS)

Advisor

Tae Oh

Advisor/Committee Member

Bill Stackpole

Advisor/Committee Member

Chaim Sanders

Comments

Physical copy available from RIT's Wallace Library at TK5015.59 .A54 2016

Campus

RIT – Main Campus

Plan Codes

ENVS-MS

Share

COinS