The detection and prevention of Malware attacks on android mobile through the application of artificial intelligence techniques

Abstract

Our everyday lives are integrated with the use of mobile devices which store sensitive data. Sensitive data stored on smartphones attract different threats including malware. Among mobile platforms, Android is the most popular OS with malware targeting sensitive information and other mobile services. If malware infects a digital device, then it has control over the device's functionality and data. This can impact your finances, your privacy, and your access to your data. Malware is a threat not only to individuals but also to corporate organisations and financial institutions as well. This could lead to communication traffic of an infected network, hardware failure of the physical device, data theft, and loss of critical business data, among others. There are existing detection techniques for identifying Android malware. However, these techniques are limited in detecting evolving and sophisticated malware which use permission features as attack vectors in a smart fashion to infect Android mobile devices. To improve malware detection accuracy based on the related problem, we developed techniques for identifying Android-based malicious applications. To achieve this, the author presents a thorough review of the mobile malware evolution and infection strategies. The second part of the survey covers Android mobile malware detection, classification, and analysis techniques where the author identifies their efficacy in detecting evolving malware and their limitations. The author identifies through the review research gaps which open unto the development of different and novel solutions for Android malware classification and analysis. We leveraged the existing strengths of the previous methods to develop a robust novel automated framework to classify and analyse Android malware based on permission features. Classification accuracy of 97% was achieved with our framework with a False Positive Rate of 3%. Our techniques identified privileges that malware exploits as attack vectors to infect Android-based devices. The results demonstrate that our framework has high feature diversity capabilities for Android malware classification. We identified that there are permissions with similar attributes that are correlated and can trigger the installation of similar permissions with the same threat level especially. However, these prevention techniques are not tested on other mobile platforms' data and do not focus on mitigating pileup susceptibilities. Finally, we believe that as the results of this research are being made public and cited by organizations and individuals, the outcome of this will influence the security and social policies that mobile companies will implement based on some of the recommendations by our findings.