Android Malware Detection using Deep Learning

In this paper author detecting malware from android app by extracting permissions list from android
APK file and then building features vector, if any APK asking for any permissions such as sending
SMS, calling someone programmatically etc. All this permissions will be extracted from APK and then
put value 1 if any APK request for any permission and if APK not request permission then value 0 will
put. This feature vector will be input to NEURAL Networks and KMEANS algorithm to build Machine
Learning model. This model will be applied on new test android test features to predict whether
android APK contains malware or not.

Malicious programmers may request sensitive permissions from android and then once granted
permission then steal sensitive information from device and send to malicious users. By using this
application we will analyse each permission and then predict whether user requesting that
permission is performing genuine or malicious activity.

Below is the android permission features dataset extracted from APK

In above dataset screen first row contains dataset column names as android permission and
remaining rows contains values as 0 or 1. If android request any permission then value 1 will put else
0. In last column of each row we have class label as 0 or 1 where 1 indicate record is malware and 0
indicate normal or benign. We will use above dataset to train neural network algorithm and this
trained algorithm model can be used to predict malware from new android test signatures.

SCREEN SHOTS

To run project double click on ‘run.bat’ file to get below screen

In above screen click on ‘Upload Android Malware Dataset’ button to upload dataset

In above screen selecting and uploading ‘AndroidDataset.csv’ file and then click on ‘Open’ button to
load dataset and to get below screen
In above screen dataset loaded and now click on ‘Extract Features’ button to read all features from
dataset and to get below screen

In above screen first line displaying dataset contains 3799 records and application splitting dataset
into 80 and 20% where 3039 records used to train neural networks and 20% 760 records used to test
Neural Network accuracy. To select similar records we are applying KMEANS algorithm and this
similar records will be input to Neural Network and then calculate accuracy and confusion matrix
In above screen to train neural networks we took 10 epoch and at each increasing epoch accuracy of
trained model is getting increase which means model is generating with accurately predicting with
test data after building model will get below screen

In above screen we got neural network accuracy as 99% and in above confusion matrix we got 508
classes predicting in class label 0 and 250 classes predicting in class label 1 and only 2 records are
incorrectly predicted due to which 0.23% accuracy reduced. Now click on ‘Upload New APK Features
& Predict Malware’ button to upload new android test features and then will get prediction result
In above screen selecting and uploading ‘test.csv’ file and then click on ‘Open’ button to load test
dataset and then will get below prediction result

In above screen in square brackets we can see all android permission test features and then after
square bracket we can see whether MALWARE detected or not in that record. You can scroll down
above text area to view all results