Feature importance in mobile malware detection
Vasileios Kouliaridis, Georgios Kambourakis, Tao Peng
TL;DR
This paper investigates feature importance in Android malware detection by analyzing and ranking app features like permissions and intents across multiple datasets using Information Gain, highlighting key features for improved classification.
Contribution
It provides a comprehensive analysis of feature importance in mobile malware detection, focusing on permissions and intents across recent datasets, which was previously underexplored.
Findings
Permissions and intents are highly influential features.
Ranking features helps improve malware detection accuracy.
Analysis across multiple datasets reveals consistent important features.
Abstract
The topic of mobile malware detection on the Android platform has attracted significant attention over the last several years. However, while much research has been conducted toward mobile malware detection techniques, little attention has been devoted to feature selection and feature importance. That is, which app feature matters more when it comes to machine learning classification. After succinctly surveying all major, dated from 2012 to 2020, datasets used by state-of-the-art malware detection works in the literature, we analyse a critical mass of apps from the most contemporary and prevailing datasets, namely Drebin, VirusShare, and AndroZoo. Next, we rank the importance of app classification features pertaining to permissions and intents using the Information Gain algorithm for all the three above-mentioned datasets.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.