Cargando…
Android malware analysis in a nutshell
This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malw...
Autores principales: | , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
Public Library of Science
2022
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9255778/ https://www.ncbi.nlm.nih.gov/pubmed/35788205 http://dx.doi.org/10.1371/journal.pone.0270647 |
_version_ | 1784740989782458368 |
---|---|
author | Almomani, Iman Ahmed, Mohanned El-Shafai, Walid |
author_facet | Almomani, Iman Ahmed, Mohanned El-Shafai, Walid |
author_sort | Almomani, Iman |
collection | PubMed |
description | This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malware predictive systems. However, this paper comprehensively highlights these factors and their impacts through a deep empirical study. The study comprises 22 CNN (Convolutional Neural Network) algorithms, 21 of them are well-known, and one proposed algorithm. Additionally, several types of files are considered before converting them to images, and two benchmark android malware datasets are utilized. Finally, comprehensive evaluation metrics are measured to assess the produced predictive models from the security and complexity perspectives. Consequently, guiding researchers and developers to plan and build efficient malware analysis systems that meet their requirements and resources. The results reveal that some factors might significantly impact the performance of the malware analysis solution. For example, from a security perspective, the accuracy, F1-score, precision, and recall are improved by 131.29%, 236.44%, 192%, and 131.29%, respectively, when changing one factor and fixing all other factors under study. Similar results are observed in the case of complexity assessment, including testing time, CPU usage, storage size, and pre-processing speed, proving the importance of the proposed android malware analysis model. |
format | Online Article Text |
id | pubmed-9255778 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2022 |
publisher | Public Library of Science |
record_format | MEDLINE/PubMed |
spelling | pubmed-92557782022-07-06 Android malware analysis in a nutshell Almomani, Iman Ahmed, Mohanned El-Shafai, Walid PLoS One Research Article This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malware predictive systems. However, this paper comprehensively highlights these factors and their impacts through a deep empirical study. The study comprises 22 CNN (Convolutional Neural Network) algorithms, 21 of them are well-known, and one proposed algorithm. Additionally, several types of files are considered before converting them to images, and two benchmark android malware datasets are utilized. Finally, comprehensive evaluation metrics are measured to assess the produced predictive models from the security and complexity perspectives. Consequently, guiding researchers and developers to plan and build efficient malware analysis systems that meet their requirements and resources. The results reveal that some factors might significantly impact the performance of the malware analysis solution. For example, from a security perspective, the accuracy, F1-score, precision, and recall are improved by 131.29%, 236.44%, 192%, and 131.29%, respectively, when changing one factor and fixing all other factors under study. Similar results are observed in the case of complexity assessment, including testing time, CPU usage, storage size, and pre-processing speed, proving the importance of the proposed android malware analysis model. Public Library of Science 2022-07-05 /pmc/articles/PMC9255778/ /pubmed/35788205 http://dx.doi.org/10.1371/journal.pone.0270647 Text en © 2022 Almomani et al https://creativecommons.org/licenses/by/4.0/This is an open access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/) , which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. |
spellingShingle | Research Article Almomani, Iman Ahmed, Mohanned El-Shafai, Walid Android malware analysis in a nutshell |
title | Android malware analysis in a nutshell |
title_full | Android malware analysis in a nutshell |
title_fullStr | Android malware analysis in a nutshell |
title_full_unstemmed | Android malware analysis in a nutshell |
title_short | Android malware analysis in a nutshell |
title_sort | android malware analysis in a nutshell |
topic | Research Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9255778/ https://www.ncbi.nlm.nih.gov/pubmed/35788205 http://dx.doi.org/10.1371/journal.pone.0270647 |
work_keys_str_mv | AT almomaniiman androidmalwareanalysisinanutshell AT ahmedmohanned androidmalwareanalysisinanutshell AT elshafaiwalid androidmalwareanalysisinanutshell |