Android Botnet Detection by Classification Techniques
Currently, Android botnet attacks have shifted from computers to smartphones due to their functionality, ease of exploitation, and financial intention. Mostly, Android malware attacks have increased due to Android's popularity and high usage among end users. An Android botnet is defined as a collection of co...
Published in: | Advances in Intelligent Systems and Computing |
---|---|
Main Author: | |
Format: | Conference paper |
Language: | English |
Published: | Springer 2020 |
Online Access: | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85078476738&doi=10.1007%2f978-3-030-36056-6_11&partnerID=40&md5=71d576ee9cbc753789a25376b017324d |
id |
2-s2.0-85078476738 |
---|---|
author |
Majit A.Z.B.; Shamala P.; Foozy C.F.M.; Wen C.C.; Chinniah M. |
title |
Android Botnet Detection by Classification Techniques |
publishDate |
2020 |
container_title |
Advances in Intelligent Systems and Computing |
container_volume |
978 AISC |
container_issue |
|
doi_str_mv |
10.1007/978-3-030-36056-6_11 |
url |
https://www.scopus.com/inward/record.uri?eid=2-s2.0-85078476738&doi=10.1007%2f978-3-030-36056-6_11&partnerID=40&md5=71d576ee9cbc753789a25376b017324d |
description |
Currently, Android botnet attacks have shifted from computers to smartphones due to their functionality, ease of exploitation, and financial intention. Mostly, Android malware attacks have increased due to Android's popularity and high usage among end users. An Android botnet is defined as a collection of compromised mobile smartphones controlled by a botmaster through a command and control (C&C) channel to serve a malicious purpose. Current research is still lacking in terms of its low detection rate due to the selected features. This approach is implemented by extracting two different types of features: permissions, software features as well as API calls. Thus, this paper proposes an approach that utilizes ensemble learning for Android malware detection. It combines the advantages of static analysis with the efficiency and performance of ensemble machine learning to improve Android malware detection accuracy. The dataset was collected from the UNB Canadian Institute for Cybersecurity dataset, with benign samples from Google Play. Canadian Institute for Cybersecurity is actually a lightweight method for detection of Android botnets that infers detection patterns automatically and enables identifying botnets directly on the smartphone. The machine learning algorithms used for classification are random forest and naive Bayes; random forest shows more accuracy compared with the other algorithm. The performance of the various classifiers is evaluated by identifying the False Positive and True Positive rates and accuracy. The results showed that the Random Forest algorithm achieved the highest accuracy rate of 97.1%. In future, a more significant approach using different feature selection, such as intent, string and system component, will be further explored for a better detection and accuracy rate. © Springer Nature Switzerland AG 2020. |
publisher |
Springer |
issn |
21945357 |
language |
English |
format |
Conference paper |
accesstype |
|
record_format |
scopus |
collection |
Scopus |
_version_ |
1812871799973609472 |