Apk2Audio4AndMal: Audio Based Malware Family Detection Framework


Creative Commons License

Kural O. E., Kılıç E., Aksac C.

IEEE ACCESS, vol.11, pp.27527-27535, 2023 (SCI-Expanded)

  • Publication Type: Article / Full Article
  • Volume: 11
  • Publication Date: 2023
  • DOI Number: 10.1109/access.2023.3258377
  • Journal Name: IEEE ACCESS
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus, Compendex, INSPEC, Directory of Open Access Journals
  • Page Numbers: pp.27527-27535
  • Keywords: Feature extraction, Malware, Operating systems, Classification algorithms, Static analysis, Bandwidth, Spectrogram, Android, malware detection, family classification, audio based, feature selection, machine learning
  • Ondokuz Mayıs University Affiliated: Yes

Abstract

Due to Android's popularity, cybercriminals view it as a lucrative target. Malware with varying behavior patterns that specifically targets user routines is constantly entering the market. Because of this, knowing how to identify different forms of malware is crucial for protecting against it. This paper proposes an audio-based malware family detection approach to achieve this goal. Android applications were converted to audio files in .wav format, and their audio-based features were extracted. Then, CFS-Subset, ReliefF, Information Gain, and Gain Ratio feature selection methods were applied to the extracted features. By examining the subsets obtained, features with high discrimination in Android malware family detection were determined. Classification experiments were conducted with a dataset created from 500 randomly selected samples from 8 families in the AMD and Drebin datasets. Experiments with five different classifiers showed that effective malware family classification could be made with a small number of features in the audio domain.