Android-based malware classification using algorithm with particle swarm optimization /

The detection rate of any malware detection system depends on the quality of selected applications features and feature selection techniques. The basic idea in this thesis is to use apriori algorithm to generate candidates (flagbearers) from the feature set of android applications for classification...

Full description

Saved in:
Bibliographic Details
Main Author: Adebayo, Olawale Surajudeen (Author)
Format: Thesis
Language:English
Published: Kuala Lumpur : Kulliyyah of Information and Communication Techology, International Islamic University Malaysia, 2017
Subjects:
Online Access:http://studentrepo.iium.edu.my/handle/123456789/5625
Tags: Add Tag
No Tags, Be the first to tag this record!
LEADER 043650000a22002890004500
008 170222s2017 my a f m 000 0 eng d
040 |a UIAM  |b eng  |e rda 
041 |a eng 
043 |a a-my--- 
050 0 0 |a QA76.76.C68 
100 1 |a Adebayo, Olawale Surajudeen,  |e author 
245 1 |a Android-based malware classification using algorithm with particle swarm optimization /  |c by Olawale Surajudeen Adebayo 
264 1 |a Kuala Lumpur :  |b Kulliyyah of Information and Communication Techology, International Islamic University Malaysia,  |c 2017 
300 |a xvii, 254 leaves :  |b illustrations ;  |c 30cm. 
336 |2 rdacontent  |a text 
502 |a Thesis (Ph.D)--International Islamic University Malaysia, 2017. 
504 |a Includes bibliographical references (leaves 192-203). 
520 |a The detection rate of any malware detection system depends on the quality of selected applications features and feature selection techniques. The basic idea in this thesis is to use apriori algorithm to generate candidates (flagbearers) from the feature set of android applications for classification into malicious or benign application. Thereafter, association rules are formulated from the generated candidates of android applications for classification. The apriori algorithm has been used in the generation of best features from set of features for apriori association rule, which is used to extract rules from the features of applications for the classification and detection of malware. Apriori algorithm however, needs to be improved in order to enhance the generation of best flagbearers and extraction of rules and thereby increases the detection rate of the detection system. The quality of feature selection techniques also needs to be improved through the use of an adequate and appropriate data model. Previous mobile malware detectors either used permission-based or API-based features for the detection of malicious applications. This malware detection system improved apriori algorithm using particle swarm optimization and permission-based features of android mobile applications to improve the classification system and detection rate of malicious applications. Benign and malicious android applications are gathered separately and permission-based features are extracted from each application. The best features extracted from the applications are selected using apriori algorithm, particle swarm optimization and new model apriori algorithm with particle swarm optimization (AA-PSO). Association rules are generated from the selected features using association rule mining (apriori association rule), FP-Growth association rule, sequential rule mining (CMRules), and new model apriori association rule with particle swarm optimization (AAR-PSO) and used to train seven different classification algorithms. The rules are partitioned into training and test set and used for data training and testing, cross-validation, and resubstitution training accordingly. The results showed that using the candidates generated from the proposed model AA-PSO with most classification algorithms and classification techniques, the rate of true positive detection is considerably high while the false positive alarm is low. The model AA-PSO also performs better in terms of time and memory consumption compare to AA and PSO. The classification results show that the new model apriori association rules and particle swarm optimization (AAR-PSO) has better results of accuracy and true positive detection rate of 98.17% and 98.25% than PSO (97.63% and 98.07%), AAR ( 94.44% and 97.87%), CMR (97.71% and 96.34%), FP-Growth (95.80% and 96.08%), respectively. 
596 |a 1 
655 7 |a Theses, IIUM local 
690 |a Dissertations, Academic  |x Kulliyyah of Information and Communication Technology  |z IIUM 
710 2 |a International Islamic University Malaysia.  |b Kulliyyah of Information and Communication Technology 
856 4 |u http://studentrepo.iium.edu.my/handle/123456789/5625 
900 |a sbh-aaz-ls 
999 |c 436464  |d 470158 
952 |0 0  |6 T QA 000076.76 C68 A228A 2017  |7 0  |8 THESES  |9 761545  |a IIUM  |b IIUM  |c MULTIMEDIA  |g 0.00  |o t QA 76.76 C68 A228A 2017  |p 11100355181  |r 2017-10-17  |t 1  |v 0.00  |y THESIS 
952 |0 0  |6 TS CDF QA 76.76 C68 A228A 2017  |7 0  |8 THESES  |9 855519  |a IIUM  |b IIUM  |c MULTIMEDIA  |g 0.00  |o ts cdf QA 76.76 C68 A228A 2017  |p 11100355182  |r 2018-08-10  |t 1  |v 0.00  |y THESISDIG