Android malware classification based on ANFIS with fuzzy c-means clustering using significant application permissions

Abstract

Mobile phones have become an essential part of our lives because we depend on them to perform many tasks, and they contain personal and important information. The continuous growth in the number of Android mobile applications resulted in an increase in the number of malware applications, which are real threats and can cause great losses. There is an urgent need for efficient and effective Android malware detection techniques. In this paper, we present an adaptive neuro-fuzzy inference system with fuzzy c-means clustering (FCM-ANFIS) for Android malware classification. The proposed approach utilizes the FCM clustering method to determine the optimum number of clusters and cluster centers, which improves the classification accuracy of the ANFIS. The most significant permissions used in the Android application selected by the information gain algorithm are used as input to the proposed approach (FCM-ANFIS) to classify applications as either malware or benign applications. The experimental results show that the proposed approach (FCM-ANFIS) achieves the highest classification accuracy of 91%, with lowest false positive and false negative rates of 0.5% and 0.4%, respectively.