A New Mobile Botnet Classification Based on Permission and API Calls
Title | A New Mobile Botnet Classification Based on Permission and API Calls |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Yusof, M., Saudi, M. M., Ridzuan, F. |
Conference Name | 2017 Seventh International Conference on Emerging Security Technologies (EST) |
ISBN Number | 978-1-5386-4018-0 |
Keywords | Android (operating system), Android botnet, Androids, API calls, APIs, application program interfaces, application programming interface, compositionality, Drebin dataset, feature extraction, feature selection, Humanoid robots, invasive software, learning (artificial intelligence), machine learning, machine learning algorithms, malicious mobile applications, Malware, mobile botnet attacks, mobile botnet classification, mobile botnet detection, Mobile communication, mobile computing, pattern classification, program diagnostics, pubcrawl, random forest algorithm, random processes, resilience, Resiliency, smart phones, smartphone, static analysis |
Abstract | Currently, mobile botnet attacks have shifted from computers to smartphones due to its functionality, ease to exploit, and based on financial intention. Mostly, it attacks Android due to its popularity and high usage among end users. Every day, more and more malicious mobile applications (apps) with the botnet capability have been developed to exploit end users' smartphones. Therefore, this paper presents a new mobile botnet classification based on permission and Application Programming Interface (API) calls in the smartphone. This classification is developed using static analysis in a controlled lab environment and the Drebin dataset is used as the training dataset. 800 apps from the Google Play Store have been chosen randomly to test the proposed classification. As a result, 16 permissions and 31 API calls that are most related with mobile botnet have been extracted using feature selection and later classified and tested using machine learning algorithms. The experimental result shows that the Random Forest Algorithm has achieved the highest detection accuracy of 99.4% with the lowest false positive rate of 16.1% as compared to other machine learning algorithms. This new classification can be used as the input for mobile botnet detection for future work, especially for financial matters. |
URL | http://ieeexplore.ieee.org/document/8090410/ |
DOI | 10.1109/EST.2017.8090410 |
Citation Key | yusof_new_2017 |
- pubcrawl
- malware
- mobile botnet attacks
- mobile botnet classification
- mobile botnet detection
- Mobile communication
- mobile computing
- pattern classification
- program diagnostics
- malicious mobile applications
- random forest algorithm
- random processes
- resilience
- Resiliency
- smart phones
- smartphone
- static analysis
- Android (operating system)
- machine learning algorithms
- machine learning
- learning (artificial intelligence)
- invasive software
- Humanoid robots
- Feature Selection
- feature extraction
- Drebin dataset
- Compositionality
- application programming interface
- application program interfaces
- APIs
- API calls
- Androids
- Android botnet