Modeling A Malware Detection And Categorization System Based On Seven Network Flow-Based Features




Although several models have been developed for detecting and categorizing malicious Android applications, most network-based frameworks use long lists of network features to achieve an average classification accuracy of 85.09% and precision of 89.10%. Our proposed model streamlines these lists to seven network flow-based features and achieved an average classification accuracy of 93.62%, a success rate of 92.68%, and a false positive (0.083). Experiments were carried out to evaluate the performance of three machine learning algorithms (Naive Bayes, J48, and Random Forest), thereby identifying the best learner(s). Different sizes of training data were also considered for different experiments in order to evaluate learning rates based on different data sizes. At the end of our experiments, we identified seven top network flow-based features that can be used to effectively detect and categorize Android malware.

Keywords: network flow-based features, machine learning, Android malware, malware detection and classification, malware family

Joshua Sopuru, Arif Sari, Murat Akkaya



As technology continues to grow, several applications have been developed to run on different smartphones, and the user interfaces and interactions of these technologies have developed rapidly over time. Due to increased benefits in mobility, wide area networks, social media, online banking, etc., the usage of mobile devices is on a steady rise. According to the Ericsson company report, before the year 2020 smartphone subscriptions will increase to not less than six billion, with mobile networks generating more than 80% of traffic [1]. Furthermore, it is known that about 96% of mobile traffic is generated by Apple and Android OS, of which Android shares 50% [2]. However, the rapid growth in smartphone development has not been without problems. First, due to the increase in demand for well-produced smartphones, a large market has been opened for malicious software development. Secondly, since Android is open-source, it has become vulnerable to attacks and has been used to steal personal information from users. Moreover, applications designed with malicious intent have affected the use of smartphones, as vendors who have fallen victim to an attack are cautious about purchasing new applications, since their activities can be monitored and private information stolen.

