Android Malware Detection System Based on Ensemble Learning
The rapid advancement of smartphones, together with their widespread use, has resulted in a significant increase in new security concerns. Malware's covert techniques make it difficult for signature-based anti-virus/anti-malware solutions to detect. The features used in such solutions are extracted from static or dynamic analysis. In this paper, an Android malware detection system is proposed. It consists of two main subsystems that work in parallel: one has been trained on benign-labeled apps, while the second has been trained on malware-labeled apps. Each subsystem is based on an ensemble approach that consists of OC-SVM, LOF, and modified isolation forest (M-iForest) classifiers. Each subsystem uses its three one-class classifiers to reach its decision independently. Moreover, each subsystem uses features extracted from both static and dynamic malware analysis. The evaluation has been conducted on two Android malware benchmark datasets, which are DREBI...
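The two-subsystem layout described above can be sketched with scikit-learn; this is an added example, not the paper's code. Assumptions: the stock `IsolationForest` stands in for M-iForest (the abstract does not describe the modification), each subsystem decides by majority vote, the rule that fuses the two subsystems is hypothetical, and the feature vectors are constructed.

```python
import numpy as np
from sklearn.ensemble import IsolationForest
from sklearn.neighbors import LocalOutlierFactor
from sklearn.svm import OneClassSVM


class OneClassEnsemble:
    """Three one-class detectors trained on one label; majority vote (assumed rule)."""

    def __init__(self, seed=0):
        self.models = [
            OneClassSVM(kernel="rbf", gamma="scale", nu=0.1),
            LocalOutlierFactor(n_neighbors=20, novelty=True),
            IsolationForest(n_estimators=100, random_state=seed),  # stand-in for M-iForest
        ]

    def fit(self, X):
        for m in self.models:
            m.fit(X)
        return self

    def accepts(self, X):
        # predict() gives +1 (inlier) or -1 (outlier); a positive sum means
        # at least two of the three detectors accepted the sample.
        votes = np.sum([m.predict(X) for m in self.models], axis=0)
        return votes > 0


def classify(benign_sys, malware_sys, X):
    """Fuse the two parallel subsystems (hypothetical rule, not from the paper)."""
    b, m = benign_sys.accepts(X), malware_sys.accepts(X)
    labels = np.full(len(X), "unknown", dtype=object)  # claimed by neither or by both
    labels[b & ~m] = "benign"
    labels[m & ~b] = "malware"
    return labels.tolist()


def demo():
    # Constructed data: 8 numeric features per app, standing in for the
    # combined static + dynamic feature vector.
    rng = np.random.default_rng(42)
    benign_train = rng.normal(0.0, 1.0, size=(300, 8))
    malware_train = rng.normal(6.0, 1.0, size=(300, 8))
    benign_sys = OneClassEnsemble().fit(benign_train)
    malware_sys = OneClassEnsemble().fit(malware_train)
    samples = np.array([[0.0] * 8, [6.0] * 8, [-15.0] * 8])
    return classify(benign_sys, malware_sys, samples)


if __name__ == "__main__":
    print(demo())
```

The third sample lies far from both training sets, so neither subsystem accepts it; a deployment would route such "unknown" verdicts to further analysis rather than forcing a label.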