PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping
<p dir="ltr">Android, the world’s most widely used mobile operating system, is increasingly targeted by malware due to its open-source nature, high customizability, and integration with Google services. The increasing reliance on mobile devices significantly raises the risk of malwar...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | , , , , |
| منشور في: |
2024
|
| الموضوعات: | |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| _version_ | 1864513543137656832 |
|---|---|
| author | Arvind Prasad (19997799) |
| author2 | Shalini Chandra (21324161) Mueen Uddin (4903510) Taher Al-Shehari (21323711) Nasser A. Alsadhan (21324164) Syed Sajid Ullah (21324167) |
| author2_role | author author author author author |
| author_facet | Arvind Prasad (19997799) Shalini Chandra (21324161) Mueen Uddin (4903510) Taher Al-Shehari (21323711) Nasser A. Alsadhan (21324164) Syed Sajid Ullah (21324167) |
| author_role | author |
| dc.creator.none.fl_str_mv | Arvind Prasad (19997799) Shalini Chandra (21324161) Mueen Uddin (4903510) Taher Al-Shehari (21323711) Nasser A. Alsadhan (21324164) Syed Sajid Ullah (21324167) |
| dc.date.none.fl_str_mv | 2024-12-27T03:00:00Z |
| dc.identifier.none.fl_str_mv | 10.1109/access.2024.3523629 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/PermGuard_A_Scalable_Framework_for_Android_Malware_Detection_Using_Permission-to-Exploitation_Mapping/29605343 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Information and computing sciences Artificial intelligence Cybersecurity and privacy Data management and data science Machine learning Android malware detection Machine learning Permissions exploitation Cybersecurity Mobile security |
| dc.title.none.fl_str_mv | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <p dir="ltr">Android, the world’s most widely used mobile operating system, is increasingly targeted by malware due to its open-source nature, high customizability, and integration with Google services. The increasing reliance on mobile devices significantly raises the risk of malware attacks, especially for non-technical users who often grant permissions without thorough evaluation, leading to potentially devastating effects. This paper introduces PermGuard, a scalable framework for Android malware detection that maps permissions into exploitation techniques and employs incremental learning to detect malicious apps. It presents a novel technique for constructing the PermGuard dataset by mapping Android permissions to exploitation techniques, providing a comprehensive understanding of how permissions can be misused by malware. The dataset consists of 55,911 benign and 55,911 malware apps, providing a balanced and comprehensive foundation for analysis. Additionally, a new strategy using similarity-based selective training reduces the amount of data required for the training of an incremental learning-based model, focusing on the most relevant data to improve efficiency. To ensure robustness and accuracy, the model adopts a test-then-train approach, initially testing on application data to identify weaknesses and refine the training process. The framework’s resilience is tested against adversarial attacks, demonstrating its ability to withstand attempts to bypass or deceive detection mechanisms and enhance overall security. Designed for scalability, PermGuard can handle large and continuously growing datasets, making it suitable for real-world applications. Empirical results indicate that the model achieved an accuracy of 0.9933 on real datasets and 0.9828 on synthetic datasets, demonstrating strong resilience against both real and adversarial attacks.</p><h2>Other Information</h2><p dir="ltr">Published in: IEEE Access<br>License: <a href="https://creativecommons.org/licenses/by/4.0/deed.en" rel="noreferrer noopener" target="_blank">https://creativecommons.org/licenses/by/4.0/</a> <br>See article on publisher's website: <a href="https://dx.doi.org/10.1109/access.2024.3523629" target="_blank">https://dx.doi.org/10.1109/access.2024.3523629</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_b7540d0f11bb48316035ecd2e7ecc5cb |
| identifier_str_mv | 10.1109/access.2024.3523629 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/29605343 |
| publishDate | 2024 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation MappingArvind Prasad (19997799)Shalini Chandra (21324161)Mueen Uddin (4903510)Taher Al-Shehari (21323711)Nasser A. Alsadhan (21324164)Syed Sajid Ullah (21324167)Information and computing sciencesArtificial intelligenceCybersecurity and privacyData management and data scienceMachine learningAndroid malware detectionMachine learningPermissions exploitationCybersecurityMobile security<p dir="ltr">Android, the world’s most widely used mobile operating system, is increasingly targeted by malware due to its open-source nature, high customizability, and integration with Google services. The increasing reliance on mobile devices significantly raises the risk of malware attacks, especially for non-technical users who often grant permissions without thorough evaluation, leading to potentially devastating effects. This paper introduces PermGuard, a scalable framework for Android malware detection that maps permissions into exploitation techniques and employs incremental learning to detect malicious apps. It presents a novel technique for constructing the PermGuard dataset by mapping Android permissions to exploitation techniques, providing a comprehensive understanding of how permissions can be misused by malware. The dataset consists of 55,911 benign and 55,911 malware apps, providing a balanced and comprehensive foundation for analysis. Additionally, a new strategy using similarity-based selective training reduces the amount of data required for the training of an incremental learning-based model, focusing on the most relevant data to improve efficiency. To ensure robustness and accuracy, the model adopts a test-then-train approach, initially testing on application data to identify weaknesses and refine the training process. The framework’s resilience is tested against adversarial attacks, demonstrating its ability to withstand attempts to bypass or deceive detection mechanisms and enhance overall security. Designed for scalability, PermGuard can handle large and continuously growing datasets, making it suitable for real-world applications. Empirical results indicate that the model achieved an accuracy of 0.9933 on real datasets and 0.9828 on synthetic datasets, demonstrating strong resilience against both real and adversarial attacks.</p><h2>Other Information</h2><p dir="ltr">Published in: IEEE Access<br>License: <a href="https://creativecommons.org/licenses/by/4.0/deed.en" rel="noreferrer noopener" target="_blank">https://creativecommons.org/licenses/by/4.0/</a> <br>See article on publisher's website: <a href="https://dx.doi.org/10.1109/access.2024.3523629" target="_blank">https://dx.doi.org/10.1109/access.2024.3523629</a></p>2024-12-27T03:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.1109/access.2024.3523629https://figshare.com/articles/journal_contribution/PermGuard_A_Scalable_Framework_for_Android_Malware_Detection_Using_Permission-to-Exploitation_Mapping/29605343CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/296053432024-12-27T03:00:00Z |
| spellingShingle | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping Arvind Prasad (19997799) Information and computing sciences Artificial intelligence Cybersecurity and privacy Data management and data science Machine learning Android malware detection Machine learning Permissions exploitation Cybersecurity Mobile security |
| status_str | publishedVersion |
| title | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping |
| title_full | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping |
| title_fullStr | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping |
| title_full_unstemmed | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping |
| title_short | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping |
| title_sort | PermGuard: A Scalable Framework for Android Malware Detection Using Permission-to-Exploitation Mapping |
| topic | Information and computing sciences Artificial intelligence Cybersecurity and privacy Data management and data science Machine learning Android malware detection Machine learning Permissions exploitation Cybersecurity Mobile security |