5 research outputs found

    Improved Malware detection model with Apriori Association rule and particle swarm optimization

    The incessant destruction and harmful tendency of malware on mobile devices has made malware detection an indispensable, continuous field of research. Different matching/mismatching approaches have been adopted in the detection of malware, including anomaly detection, misuse detection, and hybrid detection techniques. In order to improve the detection rate of malicious applications on the Android platform, a novel knowledge-based database discovery model that improves the association rule mining of the Apriori algorithm with Particle Swarm Optimization (PSO) is proposed. PSO is used to optimize the random generation of candidate detectors and the parameters associated with the Apriori algorithm (AA) for feature selection. In this method, the candidate detectors generated by PSO form rules using the Apriori association rule. These rule models are used together with an extraction algorithm to classify and detect malicious Android applications. Using a number of rule detectors, the true positive rate of detecting malicious code is maximized, while the false positive rate of wrongful detection is minimized. The results of the experiments show that the proposed Apriori association rule with Particle Swarm Optimization model has remarkable improvement over the existing contemporary detection models. © 2019 Olawale Surajudeen Adebayo and Normaziah Abdul Aziz

    Android Malware classification using static code analysis and Apriori algorithm improved with particle swarm optimization

    Several machine learning techniques based on supervised learning have been adopted in the classification of malware. However, supervised learning techniques alone have proved insufficient for the malware classification task. This paper presents a classification of Android malware using candidate detectors generated from an unsupervised association rule of the Apriori algorithm improved with particle swarm optimization to train three different supervised classifiers. In this method, features were extracted from Android applications' byte-code through static code analysis, selected, and used to train supervised classifiers. Using a number of candidate detectors, the true positive rate of detecting malicious code is maximized, while the false positive rate of wrongful detection is minimized. The results of the experiments show that the proposed combined technique has remarkable benefits over detection using only supervised or unsupervised learners.

    An intelligence based model for the prevention of advanced cyber-attacks

    The trend and motive of cyber-attacks have gone beyond traditional damages and challenges to information stealing for political and economic gain. With the recent APT (Advanced Persistent Threat), which comprises zero-day malware, polymorphic malware, and blended threats, the task of protecting vital infrastructure is becoming increasingly difficult. This paper proposes an intelligence-based technique that combines traditional signature-based detection with next-generation detection. The proposed model consists of a virtual execution environment, a detection module, and a prevention module. The virtual execution environment is designated to analyze and execute a file suspected of containing malware, while the other modules inspect, detect, and prevent malware execution based on the intelligence gathered in the central management system (CMS). The model is based on Next Generation Malware Detection, creating threat intelligence for the prevention of future occurrences. The new model shall take into consideration the lapses and benefits of the existing detectors.

    Techniques for analysing android malware

    The Android operating system is gaining market share on smartphones and tablets due to its market openness and easier accessibility and operations. Therefore, it is increasingly targeted by malware. This research examines several attack vectors on an Android smartphone. Techniques are presented for the analysis of such attack vectors in order to identify and obtain useful features for analysis and classification. Suggestions are offered for appropriate solutions. The research recommends appropriate practices to ensure the security of information on an Android smartphone.

    Static code analysis of permission-based features for android malware classification using apriori algorithm with particle swarm optimization

    Several machine learning techniques based on supervised learning have been applied to classify malware. However, supervised learning techniques have limitations for the malware classification task. This paper presents a classification approach for Android malware using candidate detectors generated from an unsupervised association rule of the Apriori Algorithm. The algorithm is improved with Particle Swarm Optimization that trains three different supervised classifiers. In this method, permission-based features were extracted from Android applications' byte-code through static code analysis, selected, and used to train supervised classifiers. Using a number of candidate detectors from an improved Apriori Algorithm with Particle Swarm Optimization, the true positive rate of detecting malicious code is maximized, while the false positive rate of wrongful detection is minimized. The results of the experiments show that the proposed combined technique has better results as compared to using only supervised or unsupervised learners.