Cargando…

Android malware analysis in a nutshell

This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malw...

Descripción completa

Detalles Bibliográficos
Autores principales: Almomani, Iman, Ahmed, Mohanned, El-Shafai, Walid
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Public Library of Science 2022
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9255778/
https://www.ncbi.nlm.nih.gov/pubmed/35788205
http://dx.doi.org/10.1371/journal.pone.0270647
_version_ 1784740989782458368
author Almomani, Iman
Ahmed, Mohanned
El-Shafai, Walid
author_facet Almomani, Iman
Ahmed, Mohanned
El-Shafai, Walid
author_sort Almomani, Iman
collection PubMed
description This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malware predictive systems. However, this paper comprehensively highlights these factors and their impacts through a deep empirical study. The study comprises 22 CNN (Convolutional Neural Network) algorithms, 21 of them are well-known, and one proposed algorithm. Additionally, several types of files are considered before converting them to images, and two benchmark android malware datasets are utilized. Finally, comprehensive evaluation metrics are measured to assess the produced predictive models from the security and complexity perspectives. Consequently, guiding researchers and developers to plan and build efficient malware analysis systems that meet their requirements and resources. The results reveal that some factors might significantly impact the performance of the malware analysis solution. For example, from a security perspective, the accuracy, F1-score, precision, and recall are improved by 131.29%, 236.44%, 192%, and 131.29%, respectively, when changing one factor and fixing all other factors under study. Similar results are observed in the case of complexity assessment, including testing time, CPU usage, storage size, and pre-processing speed, proving the importance of the proposed android malware analysis model.
format Online
Article
Text
id pubmed-9255778
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher Public Library of Science
record_format MEDLINE/PubMed
spelling pubmed-92557782022-07-06 Android malware analysis in a nutshell Almomani, Iman Ahmed, Mohanned El-Shafai, Walid PLoS One Research Article This paper offers a comprehensive analysis model for android malware. The model presents the essential factors affecting the analysis results of android malware that are vision-based. Current android malware analysis and solutions might consider one or some of these factors while building their malware predictive systems. However, this paper comprehensively highlights these factors and their impacts through a deep empirical study. The study comprises 22 CNN (Convolutional Neural Network) algorithms, 21 of them are well-known, and one proposed algorithm. Additionally, several types of files are considered before converting them to images, and two benchmark android malware datasets are utilized. Finally, comprehensive evaluation metrics are measured to assess the produced predictive models from the security and complexity perspectives. Consequently, guiding researchers and developers to plan and build efficient malware analysis systems that meet their requirements and resources. The results reveal that some factors might significantly impact the performance of the malware analysis solution. For example, from a security perspective, the accuracy, F1-score, precision, and recall are improved by 131.29%, 236.44%, 192%, and 131.29%, respectively, when changing one factor and fixing all other factors under study. Similar results are observed in the case of complexity assessment, including testing time, CPU usage, storage size, and pre-processing speed, proving the importance of the proposed android malware analysis model. Public Library of Science 2022-07-05 /pmc/articles/PMC9255778/ /pubmed/35788205 http://dx.doi.org/10.1371/journal.pone.0270647 Text en © 2022 Almomani et al https://creativecommons.org/licenses/by/4.0/This is an open access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/) , which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
spellingShingle Research Article
Almomani, Iman
Ahmed, Mohanned
El-Shafai, Walid
Android malware analysis in a nutshell
title Android malware analysis in a nutshell
title_full Android malware analysis in a nutshell
title_fullStr Android malware analysis in a nutshell
title_full_unstemmed Android malware analysis in a nutshell
title_short Android malware analysis in a nutshell
title_sort android malware analysis in a nutshell
topic Research Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9255778/
https://www.ncbi.nlm.nih.gov/pubmed/35788205
http://dx.doi.org/10.1371/journal.pone.0270647
work_keys_str_mv AT almomaniiman androidmalwareanalysisinanutshell
AT ahmedmohanned androidmalwareanalysisinanutshell
AT elshafaiwalid androidmalwareanalysisinanutshell