Performance Analysis of Feature Selection and Classification for Android Malware Using Machine Learning and Deep Learning Models
DOI:
https://doi.org/10.31987/ijict.9.1.323Keywords:
Security, Android platform, Deep learning, Machine learning, Random ForestAbstract
Android malware creates a growing security risk due to the increasing number of applications that work on Android platform nowadays. The need for effective detection methods has made the use of machine learning and deep learning a viable solution. This study presents a comparison between different Machine Learning (ML) and Deep Learning (DL) models including Long Short-Term Memory (LSTM), Bidirectional Long Short-Term Memory (BiLSTM), Gated Recurrent Unit (GRU), Support Vector Machine (SVM), K Nearest Neighbor (KNN), and Logistic Regression (LR) on two datasets Android Malware Detection (AMD) and CICMalDroid2020 to evaluate their performance using a unified architecture with the same parameters. Random Forest method is used to select features from the AMD dataset, by calculating the most significant features that have a direct impact on the process of detecting Androidmalware samples, thereby increasing models’ accuracy. Result for both datasets shows that DL models, especially BiLSTM, outperform other models with accuracy metric that reach 99.77% with full features, 99.88% with selected features for AMD dataset and 89.70% for CICMalDroid2020 dataset.
support@ijict.edu.iq
P.O.Box: 64046
