TrojanDetector: A Multi-Layer Hybrid Approach for Trojan Detection in Android Applications-Reference-Cited by-同舟云学术

TrojanDetector: A Multi-Layer Hybrid Approach for Trojan Detection in Android Applications

Published:2022-10-24 Issue:21 Volume:12 Page:10755
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Ullah Subhan,Ahmad Tahir^ORCID,Buriro Attaullah^ORCID,Zara Nudrat,Saha Sudipan^ORCID

Abstract

Trojan Detection—the process of understanding the behaviour of a suspicious file has been the talk of the town these days. Existing approaches, e.g., signature-based, have not been able to classify them accurately as Trojans. This paper proposes TrojanDetector—a simple yet effective multi-layer hybrid approach for Trojan detection. TrojanDetector analyses every downloaded application and extracts and correlates its features on three layers (i.e., application-, user-, and package layer) to identify it as either a benign application or a Trojan. TrojanDetector adopts a hybrid approach, combining static and dynamic analysis characteristics, for feature extraction from any downloaded application. We have evaluated our scheme on three publicly available datasets, namely (i) CCCS- CIC-AndMal-2020, (ii) Cantagio-Mobile, and (iii) Virus share, by using simple yet state-of-the-art classifiers, namely, random forest (RF), decision tree (DT), support vector machine (SVM), and logistic regression (LR) in binary—class settings. SVM outperformed its counterparts and attained the highest accuracy of 96.64%. Extensive experimentation shows the effectiveness of our proposed Trojan detection scheme.

Funder

Open Access Publishing Fund of the Free University of Bozen-Bolzano

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/12/21/10755/pdf

Reference28 articles.

1. Wotring, B., and Potter, B. Host Integrity Monitoring: Using Osiris and Samhain, 2005.

2. Sharma, H., Govindan, K., Poonia, R.C., Kumar, S., and Wael, M. Advances in Computing and Intelligent Systems. Springer Nat., 2022.

3. A hybrid approach of mobile malware detection in Android;Tong;J. Parallel Distrib. Comput.,2017

4. ARPGE: A computer program to automatically reconstruct the parent grains from electron backscatter diffraction data;Cayron;J. Appl. Crystallogr.,2007

5. Odyssey: Creation, Analysis and Detection of Trojan Models;Edraki;IEEE Trans. Inf. Forensics Secur.,2021

Cited by 7 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Machine Learning for Android Malware Detection: Mission Accomplished? A Comprehensive Review of Open Challenges and Future Perspectives;Computers & Security;2024-03

2. Machine learning and deep learning techniques for detecting malicious android applications: An empirical analysis;Proceedings of the Indian National Science Academy;2023-06-21

3. Machine Learning-Based Dynamic Attribute Selection Technique for DDoS Attack Classification in IoT Networks;Computers;2023-05-29

4. MVDroid: an android malicious VPN detector using neural networks;Neural Computing and Applications;2023-04-03

5. MalwD&C: A Quick and Accurate Machine Learning-Based Approach for Malware Detection and Categorization;Applied Sciences;2023-02-15