An Efficient Sieve Technique In Mobile Malware Detection

Proliferation of mobile devices in the market has radically changed the way people handle their daily life activities. Rapid growth of mobile device technology has enabled users to use mobile devices for various purposes such as web browsing, ubiquitous services, social networking, MMS and many more. Nowa...

Bibliographic Details
Main Author: Mas'ud, Mohd Zaki
Format: Thesis
Language: English
Published: 2018
Subjects:
Online Access: http://eprints.utem.edu.my/id/eprint/23684/1/An%20Efficient%20Sieve%20Technique%20In%20Mobile%20Malware%20Detection.pdf
http://eprints.utem.edu.my/id/eprint/23684/2/An%20Efficient%20Sieve%20Technique%20In%20Mobile%20Malware%20Detection.pdf
id my-utem-ep.23684
record_format uketd_dc
institution Universiti Teknikal Malaysia Melaka
collection UTeM Repository
language English
advisor Sahib, Shahrin

topic T Technology (General)
description Proliferation of mobile devices in the market has radically changed the way people handle their daily life activities. Rapid growth of mobile device technology has enabled users to use mobile devices for various purposes such as web browsing, ubiquitous services, social networking, MMS and many more. Nowadays, Google’s Android Operating System has become the most popular choice of operating system for mobile devices since Android is open source and easy to use. This scenario has also opened the possibility for malicious programs to exploit mobile devices and consequently expose any sensitive transaction made by the user. Malware's ability to evolve quickly has made mobile malware detection more complex. Antivirus and signature-based IDS require constant signature database updates to keep up with new malware, thus exhausting a mobile device’s resources. Even though anomaly-based detection can overcome this matter, it still produces a high number of false alarms. Therefore, this research aims to improve Mobile Malware Detection by improving the accuracy, True Positive and True Negative as well as minimizing the False Positive rate using an n-gram system call sequence approach and a sieve technique. This research analyses the behaviour and traces of mobile malware application activity dynamically as mobile malware is executed on a mobile platform. Analysis of mobile malware activity shows that the behaviour and traces of benign and malicious mobile applications can be distinctly classified through a mobile application's invocation of system calls to the kernel-level system. However, the n-gram system call sequences generated by this approach can produce a large number of logged features that consume a mobile device’s memory and storage. Hence, this research introduces a sieve technique into the Mobile Malware Detection process in order to search for an optimum set of n-gram system calls. To evaluate the performance of the proposed approach, Accuracy, True Positive Rate, True Negative Rate, False Positive Rate and the Receiver Operating Characteristic curve are measured with a dataset of mobile malware from the Malware Genome Project and benign mobile applications from the Google Play Store. The experimental findings indicate that the 3-gram system call sequence is capable of improving Mobile Malware Detection performance in terms of accuracy as well as minimizing false alerts, whereas the sieve technique is able to reduce the number of n-gram system call features and provide an optimized set of 3-gram system call sequence features. The outcome indicates that Mobile Malware Detection using 3-gram system call sequences as features together with the sieve technique can be used to improve the classification of benign and malicious mobile applications. The evaluation and validation show that Mobile Malware Detection using 3-gram system call sequences with the sieve technique improves classification performance. In conclusion, 3-gram system call sequence Mobile Malware Detection with the sieve technique is capable of classifying benign and malicious mobile applications more accurately while at the same time minimizing false alarms.
format Thesis
qualification_name Doctor of Philosophy (PhD.)
qualification_level Doctorate
author Mas'ud, Mohd Zaki
title An Efficient Sieve Technique In Mobile Malware Detection
granting_institution UTeM
granting_department Faculty Of Information And Communication Technology
publishDate 2018
url http://eprints.utem.edu.my/id/eprint/23684/1/An%20Efficient%20Sieve%20Technique%20In%20Mobile%20Malware%20Detection.pdf
http://eprints.utem.edu.my/id/eprint/23684/2/An%20Efficient%20Sieve%20Technique%20In%20Mobile%20Malware%20Detection.pdf
_version_ 1747834053556436992
spelling my-utem-ep.23684 2022-02-04T08:47:28Z
T Technology (General)
TK Electrical engineering. Electronics Nuclear engineering
http://eprints.utem.edu.my/id/eprint/23684/
http://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=113016
A Framework for Detection of Malicious Software in Android Handheld Systems Using Machine Learning Techniques. Master thesis. Universitat Oberta de Catalunya. 140. Trendmicro., 2011. ANDROIDOS_SPYGOLD.A. [Online] Available at: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/androidos_spygold.a. [Accessed 2 February 2015] 141. Urcuqui, C. and Navarro, A., 2016. Framework for Malware Analysis in Android. Sistemas & Telemática, 14(37), pp. 45-56. 142. Vapnik, V., 2000. The Nature of Statistical Learning Theory (2nd Ed.). New York: Springer. 143. Vasudevan, A. and Yerraballi, R., 2006. SPiKE: Engineering Malware Analysis Tools Using Unobtrusive Binary-Instrumentation. In Proceedings of the Australasian Conference on Computer Science (ACSC 2006), pp. 311-320. 144. Villacampa, O., 2015. Feature Selection and Classification Methods for Decision Making: A Comparative Analysis. Doctoral dissertation, Nova Southeastern University. 145. Wang, J., Zhao, P., Hoi, S. C.H. and Jin, R., 2013. Online Feature Selection and Its Applications. IEEE Transactions on Knowledge and Data Engineering, pp. 1-14. 146. Wang, Z., Cai, J., Cheng, S. and Li, W., 2016. DroidDeepLearner: Identifying Android Malware Using Deep Learning. In IEEE 37th Sarnoff Symposium, 2016, pp. 160-165. IEEE. 147. Wei, T.E., Mao, C.H., Jeng, A.B., Lee, H.M., Wang, H.T. and Wu, D.J., 2012. Android Malware Detection via a Latent Network Behavior Analysis. In IEEE 11th International Conference onTrust, Security and Privacy in Computing and Communications (TrustCom), 2012, pp. 1251-1258. IEEE. 148. Wu, D.J., Mao, C.H., Wei, T.E., Lee, H.M. and Wu, K.P., 2012. Droidmat: Android Malware Detection through Manifest and API Calls Tracing. In 2012 Seventh Asia Joint Conference on Information Security (Asia JCIS), pp. 62-69. IEEE. 149. Xu, R., Saïdi, H. and Anderson, R., 2012. Aurasium: Practical Policy Enforcement for Android Applications. In Proceedings of the 21st USENIX conference on Security symposium, pp. 
27-27. USENIX Association. 150. Yanfang, Y., Dingding, W., Tao, L. and Dongyi, Y., 2007. IMDS: Intelligent Malware Detection System. Proceedings of the Knowledge Discovery and Data Mining (KDD '07), pp. 1043-1047. 151. Yang, W., Prasad, M. and Xie, T., 2018. EnMobile: Entity-based Characterization and Analysis of Mobile Malware. In Proceedings of the 40th International Conference on Software Engineering (ICSE), pp. 384-394. ACM. 152. Yaqub, M., Javaid, M., Cooper, C. and Noble, A., 2013. Investigation of the role of Feature Selection and Weighted Voting in Random Forests for 3D Volumetric Segmentation. Medical Imaging, IEEE Transactions on medical imaging, PP (99), pp. 1-1. 153. Yerima, S.Y., Sezer, S. and McWilliams, G., 2014. Analysis of Bayesian Classification-Based Approaches for Android Malware Detection. IET Information Security, 8(1), pp. 25-36. 154. Yusof, R., 2011. An Enhancement of Alert Correlation Rule Set for Malware Alarm Reduction. PhD Thesis, Universiti Teknikal Malaysia Melaka 155. Zheng, R., Qin, Y., Huang, Z. and Chen, H., 2003. Authorship Analysis in Cybercrime Investigation. In International Conference on Intelligence and Security Informatics, pp. 59-73. Springer, Berlin, Heidelberg. 156. Zhou, S. and Guan, J., 2002. Chinese Documents Classification Based on n-grams. In International Conference on Intelligent Text Processing and Computational Linguistics, pp. 405-414. Springer, Berlin, Heidelberg. 157. Zhou, Y. and Jiang, X., 2012. Dissecting Android Malware: Characterization and Evolution. In 2012 IEEE Symposium on Security and Privacy (SP), pp. 95-109. IEEE. 158. Zhou, Y., Wang, Z., Zhou, W. and Jiang, X., 2012. Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In Proceedings of the 19th Annual Network and Distributed System Security Symposium, pp. 5-8.