Researchers have turned their focus to leveraging either dynamic or static features extracted from applications to train AI algorithms to identify malware precisely. However, adversarial techniques have been continuously evolving, and meanwhile the code structure and functions of applications have been designed in complex ways. This makes Android malware detection more challenging than before, and most of the existing detection methods may not work well on recent malware samples. In this paper, we aim to enhance the detection accuracy of Android malware through machine learning techniques via the design and development of our system, called MFF-AMD. In our system, we first extract various features through static and dynamic analysis and obtain a multiscale comprehensive feature set. Then, to achieve high classification performance, we introduce the Relief algorithm to fuse the features, and design four weight distribution algorithms to fuse base classifiers. Finally, we set a threshold to guide MFF-AMD to perform static or hybrid analysis on the malware samples. Our experiments, performed on more than 25,000 applications from a dataset covering the recent five years, demonstrate that MFF-AMD can effectively detect malware with high accuracy.