In this project, we explain to readers interested in this area of cybersecurity how I used data science to train machine learning mechanisms to detect threats.
In recent years, smartphone usage has increased steadily, and so has the number of Android application users. Because of this growth, some intruders create malicious Android applications as tools to steal sensitive data and to commit identity theft or fraud against mobile banks and mobile wallets. Many tools and software packages for detecting malicious applications are available, but effective and efficient detection tools are needed to handle the new, complex malicious apps created by intruders or hackers. In this paper, we propose using machine learning approaches to detect malicious Android applications. First, we gather a dataset of past malicious apps as a training set. Then, with the help of the support vector machine algorithm and the decision tree algorithm, we compare the training dataset with the trained dataset, and we can predict up to 93.2% of unknown or new malware mobile applications.
Traditionally, numerous malware detection tools have been developed, but some of them may not be able to detect newly created or unknown malware applications infected by various Trojans, worms, and spyware. Detecting a large number of malicious applications among millions of Android applications is still a challenging task using the traditional way. The existing, non-machine-learning way of detecting malicious applications is based on characteristics, properties, and behavior.
- Newly updated or created malicious applications are hard to identify.
- Non-machine-learning approaches are not reliable or efficient.
- Existing approaches cover only 30 permissions out of 300 app permissions; because of this limited permission coverage, different types of attacks can occur.
Android is one of the most used mobile operating systems worldwide. Due to its technological impact, its open-source code, and the possibility of installing applications from third parties without any central control, Android has recently become a malware target. Even though it includes security mechanisms, recent news about malicious activities and Android's vulnerabilities points to the importance of continuing the development of methods and frameworks to improve its security.
To prevent malware attacks, researchers and developers have proposed different security solutions, applying static analysis, dynamic analysis, and artificial intelligence. Indeed, data science has become a promising area in cybersecurity, since analytical models based on data allow for the discovery of insights that can help to predict malicious activities.
We can analyze cyber threats using two techniques, static analysis and dynamic analysis. Most importantly, these are the approaches that yield the features we are going to use in data science.
Static analysis includes the methods that allow us to get information about the software we want to analyze without executing it; one example is the study of the code, its calls, resources, etc.
Dynamic analysis is another approach, where the idea is to analyze the cyber threat during its execution, in other words, to get information about its behavior; some of its features are the network flows.
- Improves the percentage of malicious applications detected.
- Machine learning is more efficient than non-machine-learning algorithms.
- Able to detect new malware Android applications.
- We only need to consider 22 out of 135 permissions to improve the runtime performance by 85.6%.
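The following is an added example, not code from the original project. It shows the permission-reduction idea on a static-analysis feature set: it ranks requested permissions by information gain, keeps the top few, and trains a Bernoulli Naive Bayes classifier on them. The ranking criterion, the function names, and the sample apps are assumptions constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample data: (requested permissions, label), 1 = malicious, 0 = benign.
APPS = [
    ({"SEND_SMS", "READ_CONTACTS", "INTERNET", "RECEIVE_BOOT_COMPLETED"}, 1),
    ({"SEND_SMS", "READ_SMS", "INTERNET"}, 1),
    ({"READ_SMS", "READ_CONTACTS", "INTERNET", "RECEIVE_BOOT_COMPLETED"}, 1),
    ({"SEND_SMS", "READ_SMS", "INTERNET", "CAMERA"}, 1),
    ({"INTERNET", "CAMERA"}, 0),
    ({"INTERNET", "ACCESS_FINE_LOCATION"}, 0),
    ({"INTERNET", "CAMERA", "READ_CONTACTS"}, 0),
    ({"INTERNET", "VIBRATE"}, 0),
]

def entropy(labels):
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values()) if n else 0.0

def info_gain(apps, perm):
    """Reduction in label entropy from knowing whether an app requests perm."""
    has = [y for p, y in apps if perm in p]
    lacks = [y for p, y in apps if perm not in p]
    n = len(apps)
    return entropy([y for _, y in apps]) - len(has) / n * entropy(has) - len(lacks) / n * entropy(lacks)

def select_permissions(apps, k):
    """Keep the k permissions that best separate malicious from benign apps."""
    perms = sorted(set().union(*(p for p, _ in apps)))
    return sorted(perms, key=lambda p: -info_gain(apps, p))[:k]

def train_nb(apps, perms):
    """Bernoulli Naive Bayes with Laplace smoothing over the selected permissions."""
    model = {}
    for cls in (0, 1):
        rows = [p for p, y in apps if y == cls]
        probs = {q: (sum(q in r for r in rows) + 1) / (len(rows) + 2) for q in perms}
        model[cls] = (len(rows) / len(apps), probs)
    return model

def predict(model, requested):
    """Return 1 (malicious) or 0 (benign) for a set of requested permissions."""
    scores = {}
    for cls, (prior, probs) in model.items():
        scores[cls] = math.log(prior) + sum(
            math.log(pr if q in requested else 1 - pr) for q, pr in probs.items())
    return max(scores, key=scores.get)

SELECTED = select_permissions(APPS, 3)  # 3 of the 8 permissions in the sample
MODEL = train_nb(APPS, SELECTED)
```

A permission requested by every app, such as `INTERNET` in this sample, has zero information gain and is dropped, which is why a much smaller permission set can carry most of the signal.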
HARDWARE AND SOFTWARE SPECIFICATION
- Windows 7, 8, 10 (64-bit)
- RAM 4GB
- Data Set
- Naive Bayes
- Random forest