Android Feature Selection based on Permissions, Intents, and API Calls

Fred Guyton; Wei Li; Ling Wang; Ajoy Kumar

doi:10.1109/sera54885.2022.9806471

Android Feature Selection based on Permissions, Intents, and API Calls

Fred Guyton
, Wei Li
, Ling Wang
, Ajoy Kumar

Nova Southeastern University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Scopus citations

Abstract

Android is a platform that hosts roughly 99% of known mobile malware to date and is thus the focus of much research efforts in mobile malware detection. One of the main tools used in this effort is supervised machine learning. While a decade of work has made a lot of progress in detection accuracy, there is an obstacle that each stream of research is forced to overcome, feature selection, i.e., determining which attributes of Android are most effective as inputs into machine learning models. This research tackles the feature selection problem by providing the community with an exhaustive analysis of the three primary types of Android features used by researchers: Permissions, Intents and API Calls. We applied a wide spectrum of feature selection techniques including eleven different algorithms which consisted of filter methods, wrapper methods and embedded methods. Results were evaluated with three different supervised learning classifiers, Random Forest, Support Vector Machine and Neural Network, on a dataset with over 119K Android apps and over 400 features. The results showed that using a combination of Permissions, Intents and API Calls produced higher accuracy than using any of those alone or in any other combination. The results also showed that feature selection should be performed on the combined dataset, not by feature type and then combined and that the negative effects of not doing so are more pronounced the larger the feature set.

Original language	English
Title of host publication	2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022
Editors	Juyeon Jo, Yeong-Tae Song, Lin Deng, Junghwan Rhee
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	149-154
Number of pages	6
ISBN (Electronic)	9781665483506
ISBN (Print)	9781665483506
DOIs	https://doi.org/10.1109/sera54885.2022.9806471 https://doi.org/10.1109/SERA54885.2022.9806471
State	Published - Jun 30 2022
Event	20th IEEE/ACIS International Conference on Software Engineering Research, Management and Applications, SERA 2022 - Las Vegas, United States Duration: May 25 2022 → May 27 2022

Publication series

Name	2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022

Conference

Conference	20th IEEE/ACIS International Conference on Software Engineering Research, Management and Applications, SERA 2022
Country/Territory	United States
City	Las Vegas
Period	5/25/22 → 5/27/22

Bibliographical note

Publisher Copyright:
© 2022 IEEE.

ASJC Scopus Subject Areas

Management of Technology and Innovation
Computer Networks and Communications
Computer Science Applications
Software
Safety, Risk, Reliability and Quality

Keywords

Android
feature selection
machine learning
malware detection
mobile malware
static analysis

Access to Document

Cite this

Guyton, F., Li, W., Wang, L., & Kumar, A. (2022). Android Feature Selection based on Permissions, Intents, and API Calls. In J. Jo, Y.-T. Song, L. Deng, & J. Rhee (Eds.), 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022 (pp. 149-154). (2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/sera54885.2022.9806471, https://doi.org/10.1109/SERA54885.2022.9806471

Android Feature Selection based on Permissions, Intents, and API Calls. / Guyton, Fred; Li, Wei ; Wang, Ling et al.
2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022. ed. / Juyeon Jo; Yeong-Tae Song; Lin Deng; Junghwan Rhee. Institute of Electrical and Electronics Engineers Inc., 2022. p. 149-154 (2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Guyton, F, Li, W , Wang, L & Kumar, A 2022, Android Feature Selection based on Permissions, Intents, and API Calls. in J Jo, Y-T Song, L Deng & J Rhee (eds), 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022. 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022, Institute of Electrical and Electronics Engineers Inc., pp. 149-154, 20th IEEE/ACIS International Conference on Software Engineering Research, Management and Applications, SERA 2022, Las Vegas, Nevada, United States, 5/25/22. https://doi.org/10.1109/sera54885.2022.9806471, https://doi.org/10.1109/SERA54885.2022.9806471

Guyton F, Li W , Wang L , Kumar A. Android Feature Selection based on Permissions, Intents, and API Calls. In Jo J, Song YT, Deng L, Rhee J, editors, 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022. Institute of Electrical and Electronics Engineers Inc. 2022. p. 149-154. (2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022). doi: 10.1109/sera54885.2022.9806471, 10.1109/SERA54885.2022.9806471

Guyton, Fred ; Li, Wei ; Wang, Ling et al. / Android Feature Selection based on Permissions, Intents, and API Calls. 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022. editor / Juyeon Jo ; Yeong-Tae Song ; Lin Deng ; Junghwan Rhee. Institute of Electrical and Electronics Engineers Inc., 2022. pp. 149-154 (2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022).

@inproceedings{7aee919ae34a423d9d9379c1bfeaa05a,

title = "Android Feature Selection based on Permissions, Intents, and API Calls",

abstract = "Android is a platform that hosts roughly 99\% of known mobile malware to date and is thus the focus of much research efforts in mobile malware detection. One of the main tools used in this effort is supervised machine learning. While a decade of work has made a lot of progress in detection accuracy, there is an obstacle that each stream of research is forced to overcome, feature selection, i.e., determining which attributes of Android are most effective as inputs into machine learning models. This research tackles the feature selection problem by providing the community with an exhaustive analysis of the three primary types of Android features used by researchers: Permissions, Intents and API Calls. We applied a wide spectrum of feature selection techniques including eleven different algorithms which consisted of filter methods, wrapper methods and embedded methods. Results were evaluated with three different supervised learning classifiers, Random Forest, Support Vector Machine and Neural Network, on a dataset with over 119K Android apps and over 400 features. The results showed that using a combination of Permissions, Intents and API Calls produced higher accuracy than using any of those alone or in any other combination. The results also showed that feature selection should be performed on the combined dataset, not by feature type and then combined and that the negative effects of not doing so are more pronounced the larger the feature set. ",

keywords = "Android, feature selection, machine learning, malware detection, mobile malware, static analysis",

author = "Fred Guyton and Wei Li and Ling Wang and Ajoy Kumar",

note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 20th IEEE/ACIS International Conference on Software Engineering Research, Management and Applications, SERA 2022 ; Conference date: 25-05-2022 Through 27-05-2022",

year = "2022",

month = jun,

day = "30",

doi = "10.1109/sera54885.2022.9806471",

language = "English",

isbn = "9781665483506",

series = "2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "149--154",

editor = "Juyeon Jo and Yeong-Tae Song and Lin Deng and Junghwan Rhee",

booktitle = "2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022",

}

TY - GEN

T1 - Android Feature Selection based on Permissions, Intents, and API Calls

AU - Guyton, Fred

AU - Li, Wei

AU - Wang, Ling

AU - Kumar, Ajoy

PY - 2022/6/30

Y1 - 2022/6/30

N2 - Android is a platform that hosts roughly 99% of known mobile malware to date and is thus the focus of much research efforts in mobile malware detection. One of the main tools used in this effort is supervised machine learning. While a decade of work has made a lot of progress in detection accuracy, there is an obstacle that each stream of research is forced to overcome, feature selection, i.e., determining which attributes of Android are most effective as inputs into machine learning models. This research tackles the feature selection problem by providing the community with an exhaustive analysis of the three primary types of Android features used by researchers: Permissions, Intents and API Calls. We applied a wide spectrum of feature selection techniques including eleven different algorithms which consisted of filter methods, wrapper methods and embedded methods. Results were evaluated with three different supervised learning classifiers, Random Forest, Support Vector Machine and Neural Network, on a dataset with over 119K Android apps and over 400 features. The results showed that using a combination of Permissions, Intents and API Calls produced higher accuracy than using any of those alone or in any other combination. The results also showed that feature selection should be performed on the combined dataset, not by feature type and then combined and that the negative effects of not doing so are more pronounced the larger the feature set.

AB - Android is a platform that hosts roughly 99% of known mobile malware to date and is thus the focus of much research efforts in mobile malware detection. One of the main tools used in this effort is supervised machine learning. While a decade of work has made a lot of progress in detection accuracy, there is an obstacle that each stream of research is forced to overcome, feature selection, i.e., determining which attributes of Android are most effective as inputs into machine learning models. This research tackles the feature selection problem by providing the community with an exhaustive analysis of the three primary types of Android features used by researchers: Permissions, Intents and API Calls. We applied a wide spectrum of feature selection techniques including eleven different algorithms which consisted of filter methods, wrapper methods and embedded methods. Results were evaluated with three different supervised learning classifiers, Random Forest, Support Vector Machine and Neural Network, on a dataset with over 119K Android apps and over 400 features. The results showed that using a combination of Permissions, Intents and API Calls produced higher accuracy than using any of those alone or in any other combination. The results also showed that feature selection should be performed on the combined dataset, not by feature type and then combined and that the negative effects of not doing so are more pronounced the larger the feature set.

KW - Android

KW - feature selection

KW - machine learning

KW - malware detection

KW - mobile malware

KW - static analysis

U2 - 10.1109/sera54885.2022.9806471

DO - 10.1109/sera54885.2022.9806471

M3 - Conference contribution

AN - SCOPUS:85129799646

SN - 9781665483506

T3 - 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022

SP - 149

EP - 154

BT - 2022 IEEE/ACIS 20th International Conference on Software Engineering Research, Management and Applications, SERA 2022

A2 - Jo, Juyeon

A2 - Song, Yeong-Tae

A2 - Deng, Lin

A2 - Rhee, Junghwan

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 20th IEEE/ACIS International Conference on Software Engineering Research, Management and Applications, SERA 2022

Y2 - 25 May 2022 through 27 May 2022

ER -

Android Feature Selection based on Permissions, Intents, and API Calls

Abstract

Publication series

Conference

Bibliographical note

ASJC Scopus Subject Areas

Keywords

Access to Document

Fingerprint

Cite this