Classification and Analysis of Android Malware Images Using Feature Fusion Technique

Author First name, Last name, Institution

Jaiteg Singh, Chitkara University
Deepak Thakur, Chitkara University
Tanya Gera, Chitkara University
Babar Shah, Zayed UniversityFollow
Tamer Abuhmed, Sungkyunkwan University
Farman Ali, Sejong University

Document Type

Article

Source of Publication

IEEE Access

Publication Date

6-21-2021

Abstract

The super packed functionalities and artificial intelligence (AI)-powered applications have made the Android operating system a big player in the market. Android smartphones have become an integral part of life and users are reliant on their smart devices for making calls, sending text messages, navigation, games, and financial transactions to name a few. This evolution of the smartphone community has opened new horizons for malware developers. As malware variants are growing at a tremendous rate every year, there is an urgent need to combat against stealth malware techniques. This paper proposes a visualization and machine learning-based framework for classifying Android malware. Android malware applications from the DREBIN dataset were converted into grayscale images. In the first phase of the experiment, the proposed framework transforms Android malware into fifteen different image sections and identifies malware files by exploiting handcrafted features associated with Android malware images. The algorithms such as Gray Level Co-occurrence Matrix-based (GLCM), Global Image deScripTors (GIST), and Local Binary Pattern (LBP) are used to extract the handcrafted features from the image sections. The extracted features were further classified using machine learning algorithms like K-Nearest Neighbors, Support Vector Machines, and Random Forests. In the second phase of the experiment, handcrafted features were fused with CNN features to form the feature fusion strategy. The classification performance was evaluated against every malware image file section. The results obtained using the Feature Fusion strategy are compared with handcrafted features results. The experiment results conclude to the fact that Feature Fusion-SVM model is most suited for the identification and classification of Android malware using the certificate and Android Manifest (CR + AM) malware images. It attained an high accuracy of 93.24%.

DOI Link

10.1109/access.2021.3090998

ISSN

2169-3536

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Volume

9

First Page

90102

Last Page

90117

Disciplines

Computer Sciences

Keywords

Malware, Feature extraction, Smart phones, Support vector machines, Convolutional neural networks, Visualization, Training

Scopus ID

85112472096

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Recommended Citation

Singh, Jaiteg; Thakur, Deepak; Gera, Tanya; Shah, Babar; Abuhmed, Tamer; and Ali, Farman, "Classification and Analysis of Android Malware Images Using Feature Fusion Technique" (2021). All Works. 4332.
https://zuscholars.zu.ac.ae/works/4332

Indexed in Scopus

yes

Open Access

yes

Open Access Type

Gold: This publication is openly available in an open access journal/series