Optimizing android malware detection via ensemble learning

Android operating system has become very popular having the highest market share amongst all other mobile operating systems. However, the popularity of Android based mobile applications have opened it up to several attacks and malwares. Traditional signature-based malware detection techniques have been proven to be less effective in detecting new and unknown malware, therefore, machine learning techniques are taking the lead for timely zero-day anomaly detections. Therefore, this study presents an optimized android malware detection model using ensemble learning technique. Random Forest, Support Vector Machine, and k-Nearest Neighbours were used to develop three distinct base models and their predictive results were further combined using majority vote combination function to produce an ensemble model. Reverse engineering procedure was employed to extract static features from large repository of malware samples and benign applications. WEKA 3.8.2 data mining suite was used to perform all the learning experiments. The results obtained revealed that Random Forest had a better sensitivity of 97.9% and a classification accuracy of 98.00% among the other base classifiers connoting that it is a strong base model. However, the ensemble model achieved a sensitivity of 98.1% and a classification accuracy of 98.16%. The finding shows that, although the base learners had good detection results, the ensemble learner produced a better optimized detection model compared with the performances of those of the base learners. © 2020, International Association of Online Engineering.