Visible to the public A New Mobile Botnet Classification Based on Permission and API Calls

TitleA New Mobile Botnet Classification Based on Permission and API Calls
Publication TypeConference Paper
Year of Publication2017
AuthorsYusof, M., Saudi, M. M., Ridzuan, F.
Conference Name2017 Seventh International Conference on Emerging Security Technologies (EST)
ISBN Number978-1-5386-4018-0
KeywordsAndroid (operating system), Android botnet, Androids, API calls, APIs, application program interfaces, application programming interface, compositionality, Drebin dataset, feature extraction, feature selection, Humanoid robots, invasive software, learning (artificial intelligence), machine learning, machine learning algorithms, malicious mobile applications, Malware, mobile botnet attacks, mobile botnet classification, mobile botnet detection, Mobile communication, mobile computing, pattern classification, program diagnostics, pubcrawl, random forest algorithm, random processes, resilience, Resiliency, smart phones, smartphone, static analysis

Currently, mobile botnet attacks have shifted from computers to smartphones due to its functionality, ease to exploit, and based on financial intention. Mostly, it attacks Android due to its popularity and high usage among end users. Every day, more and more malicious mobile applications (apps) with the botnet capability have been developed to exploit end users' smartphones. Therefore, this paper presents a new mobile botnet classification based on permission and Application Programming Interface (API) calls in the smartphone. This classification is developed using static analysis in a controlled lab environment and the Drebin dataset is used as the training dataset. 800 apps from the Google Play Store have been chosen randomly to test the proposed classification. As a result, 16 permissions and 31 API calls that are most related with mobile botnet have been extracted using feature selection and later classified and tested using machine learning algorithms. The experimental result shows that the Random Forest Algorithm has achieved the highest detection accuracy of 99.4% with the lowest false positive rate of 16.1% as compared to other machine learning algorithms. This new classification can be used as the input for mobile botnet detection for future work, especially for financial matters.

Citation Keyyusof_new_2017