Comparative analysis of different feature ranking techniques in data mining-based android malware detection

Abstract

Malwares have been rising in drastic extent as Android operating system enabled smart phones and tablets getting popularity around the world in last couple of years. For efficient detection of Android malwares, different static and dynamic malware detection methods have been proposed. One of the popular methods of static detection technique is permission/feature-based detection of malwares through AndroidManifest.xml file using machine learning classifiers. But ignoring important feature or keeping irrelevant features may specifically cause mystification for classification algorithms. So to reduce classification time and improvement of accuracy different feature reduction tools have been used in different literature. In this work, we have proposed a framework that extracts the permission features of manifest files, generates feature vectors and uses six different feature ranking tools to create separate feature reducts. On those feature reducts different machine learning classifiers of Data Mining Tool, Weka have been used to classify android applications. We have evaluated our method on a set of total 734 applications (504 benign, 231 malwares) and results show that highest TPR rate observed is 98.01% while accuracy is up to 87.99% and highest F1 score is 0.9189.