Affiliation:
1. Centro de Investigación en Computación (CIC), Instituto Politécnico Nacional (IPN), Av. Juan de Dios Batiz, s/n, Mexico City, Mexico
Abstract
Recently, Android device usage has increased significantly, and malicious applications for the Android ecosystem have also increased. Security researchers have studied Android malware analysis as an emerging issue. The proposed methods employ a combination of static, dynamic, or hybrid analysis along with Machine Learning (ML) algorithms to detect and classify malware into families. These families often exhibit shared similarities among their members or with other families. This paper presents a new method that combines Fuzzy Hashing and Natural Language Processing (NLP) techniques to find Android malware families based on their similarities by applying reverse engineering to extract the features and compute fuzzy hashing of the preprocessed code. This relationship allows us to identify the families according to their features. A study was conducted using a database test of 2,288 samples from diverse ransomware families. An accuracy in classifying Android ransomware malware up to 98.46% was achieved.
Reference23 articles.
1. IDC. IDC Worldwide Quarterly Mobile Phone Tracker. International Data Corporation (2022).
2. (ENE) and D.C. Barbu, A horizontaltuning framework for machine learning algorithms using amicroservice-based architecture;Oprea;Studies in Informatics and Control,2023
3. A comprehensive survey on deeplearning based malware detection techniques;Gopinath;Computer ScienceReview,2023
4. Malware analysis and detection usingmachine learning algorithms;Akhtar;Symmetry,2022
5. A novel deep learning-based approach for malware detection,30, ISSN -;Shaukat;Engineering Applications of Artificial Intelligence,2023