MDTA: A New Approach of Supervised Machine Learning for Android Malware Detection and Threat Attribution Using Behavioral Reports

Android is liable to malware attacks because of its open architecture, massive user base, and easy access to its code. The security investigation depends upon the dynamic analysis for malware detection. In this system, digital samples or system calls were analyzed, and the malicious application created a runtime behavioral profile. The resulting system is further used to detect malware and attribute threat, with selected features analysis. But due to a variety of malware families and execution environments, it is not scalable. Because for every new execution environment, the new feature needs to be engineered manually. MDTA is a portable malware detection framework system. They are also used for detecting different threat acknowledgment using supervised machine learning techniques. MDTA is the best suitable and manageable approach for analyzing behavioral reports using a machine learning algorithm for providing security measures to identify malware without the intervention of the investigator. Additionally, natural language processing (NLP) is used to represent the behavioral report. MDTA is then evaluated on different datasets from diverse platforms and execution environment.