AntDroidNet Cybersecurity Model: A Hybrid Integration of Ant Colony Optimization and Deep Neural Networks for Android Malware Detection

Riyadh Rahef Nuiaa Al Ogaili
Osamah Adil Raheem
Mohamed H Ghaleb Abdkhaleq
Zaid Abdi Alkareem Alyasseri
Saif Ali Abd Alradha Alsaidi
Ali Hakem Alsaeedi
Yousif Raad Muhsen
Selvakumar Manickam

Abstract

Malware detection is a vital problem, and methods that can detect malware efficiently are needed. The increasing use of mobile computers makes malware detection a vital part of security in an era where smartphones play a key role in daily life. Earlier approaches, however, suffer from high false positive rates, do not scale to larger databases, or do not adapt well to novel zero-day malware. For these reasons, the demand for more sensitive and flexible detection models is high. In this study, we develop a hybrid mobile malware detection framework that leverages ant colony optimization (ACO) and deep neural networks (DNNs) to improve detection accuracy, reduce the rate of false positives, and make the model resilient to new malware. AntDroidNet is a novel ACO-enabled feature selection model that dynamically reduces feature dimensionality, selecting the most informative properties for individual instances and avoiding high dimensionality. A DNN is then trained on the selected set of features, improving classification performance and decreasing the number of false discoveries. In this way, a self-optimizing feedback loop iteratively improves the feature selection process based on the performance of the DNN, leading to a dynamic and efficient detection model. Using the CICMalDroid2020 dataset, the proposed AntDroidNet model achieves a remarkable accuracy of 99.89% and an excellent false positive rate of only 0.13%, and outperforms the classical machine learning algorithms in terms of accuracy and efficiency. AntDroidNet is a scalable and powerful mobile malware detection model that eclipses all state-of-the-art methods and shows important enhancements in efficiency and reliability.
By prototyping whitelisting systems, this work opens new avenues in mobile security and lays the groundwork for future work on building real-time detection components and system components able to scale with the fast pace of evolution of mobile malware in new connected ecosystems.

How to Cite

AntDroidNet Cybersecurity Model: A Hybrid Integration of Ant Colony Optimization and Deep Neural Networks for Android Malware Detection (R. R. N. Al Ogaili, O. A. Raheem, M. H. G. Abdkhaleq, Z. A. A. Alyasseri, S. A. A. A. Alsaidi, A. H. Alsaeedi, Y. R. Muhsen, & S. Manickam, Trans.). (2025). Mesopotamian Journal of CyberSecurity, 5(1), 104-120. https://doi.org/10.58496/MJCS/2025/008
