An In-Depth Review of Machine Learning Based Android Malware Detection

Ali Muzaffar; Hani Ragab Hassan; Michael Adam Lones; Hind Zantout

doi:10.1016/j.cose.2022.102833

An In-Depth Review of Machine Learning Based Android Malware Detection

Ali Muzaffar, Hani Ragab Hassan, Michael Adam Lones, Hind Zantout

Research output: Contribution to journal › Article › peer-review

50 Citations (Scopus)

211 Downloads (Pure)

Abstract

It is estimated that around 70% of mobile phone users have an Android device. Due to this popularity, the Android operating system attracts a lot of malware attacks. The sensitive nature of data present on smartphones means that it is important to protect against these attacks. Classic signature-based detection techniques fall short when they come up against a large number of users and applications. Machine learning, on the other hand, appears to work well, and also helps in identifying zero-day attacks, since it does not require an existing database of malicious signatures. In this paper, we critically review past works that have used machine learning to detect Android malware. The review covers supervised, unsupervised, deep learning and online learning approaches, and organises them according to whether they use static, dynamic or hybrid features.

Original language	English
Article number	102833
Journal	Computers and Security
Volume	121
Early online date	16 Jul 2022
DOIs	https://doi.org/10.1016/j.cose.2022.102833
Publication status	Published - Oct 2022

Keywords

Android security
Dynamic malware analysis
Machine learning
Malware detection
Static malware analysis

ASJC Scopus subject areas

General Computer Science
Law

Access to Document

10.1016/j.cose.2022.102833Licence: CC BY

Download pdf
© 2022 The Authors.
Final published version, 1.07 MBLicence: CC BY

Cite this

@article{94d1da9f38aa4b6b81ce93267a92b5a2,

title = "An In-Depth Review of Machine Learning Based Android Malware Detection",

abstract = "It is estimated that around 70% of mobile phone users have an Android device. Due to this popularity, the Android operating system attracts a lot of malware attacks. The sensitive nature of data present on smartphones means that it is important to protect against these attacks. Classic signature-based detection techniques fall short when they come up against a large number of users and applications. Machine learning, on the other hand, appears to work well, and also helps in identifying zero-day attacks, since it does not require an existing database of malicious signatures. In this paper, we critically review past works that have used machine learning to detect Android malware. The review covers supervised, unsupervised, deep learning and online learning approaches, and organises them according to whether they use static, dynamic or hybrid features.",

keywords = "Android security, Dynamic malware analysis, Machine learning, Malware detection, Static malware analysis",

author = "Ali Muzaffar and {Ragab Hassan}, Hani and Lones, {Michael Adam} and Hind Zantout",

year = "2022",

month = oct,

doi = "10.1016/j.cose.2022.102833",

language = "English",

volume = "121",

journal = "Computers and Security",

issn = "0167-4048",

publisher = "Elsevier Ltd",

}

TY - JOUR

T1 - An In-Depth Review of Machine Learning Based Android Malware Detection

AU - Muzaffar, Ali

AU - Ragab Hassan, Hani

AU - Lones, Michael Adam

AU - Zantout, Hind

PY - 2022/10

Y1 - 2022/10

N2 - It is estimated that around 70% of mobile phone users have an Android device. Due to this popularity, the Android operating system attracts a lot of malware attacks. The sensitive nature of data present on smartphones means that it is important to protect against these attacks. Classic signature-based detection techniques fall short when they come up against a large number of users and applications. Machine learning, on the other hand, appears to work well, and also helps in identifying zero-day attacks, since it does not require an existing database of malicious signatures. In this paper, we critically review past works that have used machine learning to detect Android malware. The review covers supervised, unsupervised, deep learning and online learning approaches, and organises them according to whether they use static, dynamic or hybrid features.

AB - It is estimated that around 70% of mobile phone users have an Android device. Due to this popularity, the Android operating system attracts a lot of malware attacks. The sensitive nature of data present on smartphones means that it is important to protect against these attacks. Classic signature-based detection techniques fall short when they come up against a large number of users and applications. Machine learning, on the other hand, appears to work well, and also helps in identifying zero-day attacks, since it does not require an existing database of malicious signatures. In this paper, we critically review past works that have used machine learning to detect Android malware. The review covers supervised, unsupervised, deep learning and online learning approaches, and organises them according to whether they use static, dynamic or hybrid features.

KW - Android security

KW - Dynamic malware analysis

KW - Machine learning

KW - Malware detection

KW - Static malware analysis

UR - http://www.scopus.com/inward/record.url?scp=85134644947&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2022.102833

DO - 10.1016/j.cose.2022.102833

M3 - Article

SN - 0167-4048

VL - 121

JO - Computers and Security

JF - Computers and Security

M1 - 102833

ER -

An In-Depth Review of Machine Learning Based Android Malware Detection

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this