Detection of Android Malware based on Sequence Alignment of Permissions

  • Franklin Tchakounté Faculty of Science, University of Ngaoundéré, Ngaoundéré, Cameroon
  • Albert Djakene Wandala Faculty of Science, University of Ngaoundéré, Ngaoundéré, Cameroon
  • Yélémou Tiguiane Higher School of Computer Science, Université Nazi BONI, Bobo-Dioulasso, Burkina Faso
Keywords: Sequence alignment, permissions, Android, malicious, normal

Abstract

Permissions control accesses to critical resources on Android. Any weaknesses from their exploitation can be of great interest to attackers. Investigation about associations of permissions can reveal some patterns against attacks. In this regards, this paper proposes an approach based on sequence alignment between requested permissions to identify similarities between applications. Permission patterns for malicious and normal samples are determined and exploited to evaluate a similarity score. The nature of an application is obtained based on a threshold, judiciously computed. Experiments have been realized with a dataset of 534 malicious samples (300 training and 234 testing) and 534 normal samples (300 training and 234 testing). Our approach has been able to recognize testing samples (either malware or normal) with an accuracy of 79%, an average precision of 76% and an average recall of 75%. This research reveals that sequence alignment can improve malware detection research.

References

Statista, “Smartphone unit shipments worldwide by operating system from 2016 to 2022 (in million units),” 2019. [Online]. Available: https://www.statista.com/statistics/309448/global-smartphone-shipments-forecast-operating-system/. [Accessed: 17-Jul-2019].

GDATA, “Some 343 new Android malware samples every hour in 2017,” 2018. [Online]. Available: https://www.gdatasoftware.com/blog/2018/02/30491-some-343-new-android-malware-samples-every-hour-in-2017. [Accessed: 28-Jul-2019].

Android developers, “Permissions overview,” 2019. [Online]. Available: https://developer.android.com/guide/topics/permissions/overview. [Accessed: 17-Jul-2019].

J. Li, L. Sun, Q. Yan, Z. Li, W. Srisa-An, and H. Ye, “Significant Permission Identification for Machine-Learning-Based Android Malware Detection,” IEEE Transactions on Industrial Informatics, vol. 14, no. 7, pp. 3216–3225, Jul. 2018.

A. Qamar, A. Karim, and V. Chang, “Mobile Malware Attacks: Review, Taxonomy & Future Directions,” Future Generation Computer Systems, vol. 97, pp. 887–909, Aug. 2019.

B. Sarma, N. Li, C. Gates, R. Potharaju, C. Nita-Rotaru, and I. Molloy, “Android Permissions: A Perspective Combining Risks and Benefits,” in Symposium on Access control Models and Technologies, 2012, pp. 13–22.

J. Li, L. Sun, Q. Yan, Z. Li, W. Srisa-an, and H. Ye, “Significant Permission Identification for Machine-Learning-Based Android Malware Detection,” IEEE Transactions on Industrial Informatics, vol. 14, no. 7, pp. 3216–3225, Jul. 2018.

S. Arshad, M. A. Shah, A. Wahid, A. Mehmood, H. Song, and H. Yu, “SAMADroid: A Novel 3-Level Hybrid Malware Detection Model for Android Operating System,” IEEE Access, vol. 6, pp. 4321–4339, 2018.

Y. Aafer, W. Du, and H. Yin, “DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android,” Springer, Cham, 2013, pp. 86–103.

A. Alshehri, P. Marcinek, A. Alzahrani, H. Alshahrani, and H. Fu, “PUREDroid: Permission Usage and Risk Estimation for Android Applications,” in Proceedings of the 2019 3rd International Conference on Information System and Data Mining - ICISDM 2019, 2019, pp. 179–184.

M. Al Jutail, M. Al-Akhras, and A. Albesher, “Associated Risks in Mobile Applications Permissions,” Journal of Information Security, vol. 10, pp. 69–90, 2019.

A. Zielezinski, S. Vinga, J. Almeida, and W. M. Karlowski, “Alignment-free sequence comparison: benefits, applications, and tools.,” Genome biology, vol. 18, no. 1, p. 186, 2017.

M. Vijini, “Pairwise Sequence Alignment using Biopython – Towards Data Science,” 2017. [Online]. Available: https://towardsdatascience.com/pairwise-sequence-alignment-using-biopython-d1a9d0ba861f. [Accessed: 02-Mar-2019].

J. M. Vidal, M. A. S. Monge, and L. J. G. Villalba, “A novel pattern recognition system for detecting Android malware by analyzing suspicious boot sequences,” Knowledge-Based Systems, vol. 150, pp. 198–217, Jun. 2018.

Djakene, “Malwares-Detection-based-on-sequences-alignment-of-permissions,” 2019. [Online]. Available: https://github.com/djakene/Malwares-Detection-based-on-sequences-alignment-of-permissions. [Accessed: 01-Aug-2019].

D. Arp, M. Spreitzenbarth, M. Hübner, H. Gascon, and K. Rieck, “Drebin: Effective and Explainable Detection of Android Malware in Your Pocket,” in Proceedings 2014 Network and Distributed System Security Symposium, 2014.

Published
2019-09-17
How to Cite
Tchakounté, F., Djakene Wandala, A., & Tiguiane, Y. (2019). Detection of Android Malware based on Sequence Alignment of Permissions. International Journal of Computer (IJC), 35(1), 26-36. Retrieved from https://ijcjournal.org/index.php/InternationalJournalOfComputer/article/view/1455
Section
Articles