Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach
Android mobile malware is a type of malware that execute malicious activities (stealing and collecting data and running programs without the user's knowledge) in victims' Android mobile device. There are several types of malware, for instance; 1) Root exploit; 2) Botnet; 3) Trojan; and 4)...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English English |
| Published: |
IEEE
2023
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/42254/2/Paper-Akmal-2023-Cloud_of_Word_vs_DroidKungfu.pdf http://umpir.ump.edu.my/id/eprint/42254/8/Cloud%20of%20Word%20vs%20DroidKungfu%20-%20Performance%20evaluation%20in%20detecting%20root%20exploit%20malware%20with%20deep%20learning%20approach.pdf http://umpir.ump.edu.my/id/eprint/42254/ https://doi.org/10.1109/ICSECS58457.2023.10256304 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.ump.umpir.42254 |
|---|---|
| record_format |
eprints |
| spelling |
my.ump.umpir.422542024-10-21T01:41:26Z http://umpir.ump.edu.my/id/eprint/42254/ Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach Che Akmal, Che Yahaya Ahmad Firdaus, Zainal Abidin Azlee, Zabidi Noor Akma, Abu Bakar Mukrimah, Nawir Philima Normelissa Ani, Abdul Malek QA76 Computer software Android mobile malware is a type of malware that execute malicious activities (stealing and collecting data and running programs without the user's knowledge) in victims' Android mobile device. There are several types of malware, for instance; 1) Root exploit; 2) Botnet; 3) Trojan; and 4) Ransomware. Among these, root exploit is the most dangerous as it is able to gain control over the root privileges of an operating system (OS) stealthily, avoids security software scanning, and further installs other types of malware. Moreover, there are multiple types of root exploit families that attack Android, such as Droidkungfu, Droiddream, and Asroot. However, Droidkungfu possesses the highest number of samples among other families and able to survive with updated versions (version one until six). Therefore, the updated version could be increasing in the future. Furthermore, finding the best features in detecting root exploit is challenging, as the categories (permission, system calls, and intent) are many to choose from. Moreover, finding the ideal number of features is challenging as well, as it is able to affect machine learning detection. Thus, this study focuses to develop a solid model to predict undiscovered Droidkungfu by converting all the codes in images and adopted a Convolutional neural network (CNN) with Word of Cloud (WoC) to discover features automatically without considering the categories and number of features in the code. Among all parameters in evaluation, the highest result is 96 % accuracy in predicting unknown Droidkungfu and proved to detect new versions of this family in the future. IEEE 2023 Conference or Workshop Item PeerReviewed pdf en http://umpir.ump.edu.my/id/eprint/42254/2/Paper-Akmal-2023-Cloud_of_Word_vs_DroidKungfu.pdf pdf en http://umpir.ump.edu.my/id/eprint/42254/8/Cloud%20of%20Word%20vs%20DroidKungfu%20-%20Performance%20evaluation%20in%20detecting%20root%20exploit%20malware%20with%20deep%20learning%20approach.pdf Che Akmal, Che Yahaya and Ahmad Firdaus, Zainal Abidin and Azlee, Zabidi and Noor Akma, Abu Bakar and Mukrimah, Nawir and Philima Normelissa Ani, Abdul Malek (2023) Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach. In: 8th IEEE International Conference on Software Engineering and Computer Systems, ICSECS 2023 , 25 - 27 August 2023 , Penang, Malaysia. pp. 217-222. (192961). ISBN 979-8-3503-1093-1 (Published) https://doi.org/10.1109/ICSECS58457.2023.10256304 |
| institution |
Universiti Malaysia Pahang Al-Sultan Abdullah |
| building |
UMPSA Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Malaysia Pahang Al-Sultan Abdullah |
| content_source |
UMPSA Institutional Repository |
| url_provider |
http://umpir.ump.edu.my/ |
| language |
English English |
| topic |
QA76 Computer software |
| spellingShingle |
QA76 Computer software Che Akmal, Che Yahaya Ahmad Firdaus, Zainal Abidin Azlee, Zabidi Noor Akma, Abu Bakar Mukrimah, Nawir Philima Normelissa Ani, Abdul Malek Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach |
| description |
Android mobile malware is a type of malware that execute malicious activities (stealing and collecting data and running programs without the user's knowledge) in victims' Android mobile device. There are several types of malware, for instance; 1) Root exploit; 2) Botnet; 3) Trojan; and 4) Ransomware. Among these, root exploit is the most dangerous as it is able to gain control over the root privileges of an operating system (OS) stealthily, avoids security software scanning, and further installs other types of malware. Moreover, there are multiple types of root exploit families that attack Android, such as Droidkungfu, Droiddream, and Asroot. However, Droidkungfu possesses the highest number of samples among other families and able to survive with updated versions (version one until six). Therefore, the updated version could be increasing in the future. Furthermore, finding the best features in detecting root exploit is challenging, as the categories (permission, system calls, and intent) are many to choose from. Moreover, finding the ideal number of features is challenging as well, as it is able to affect machine learning detection. Thus, this study focuses to develop a solid model to predict undiscovered Droidkungfu by converting all the codes in images and adopted a Convolutional neural network (CNN) with Word of Cloud (WoC) to discover features automatically without considering the categories and number of features in the code. Among all parameters in evaluation, the highest result is 96 % accuracy in predicting unknown Droidkungfu and proved to detect new versions of this family in the future. |
| format |
Conference or Workshop Item |
| author |
Che Akmal, Che Yahaya Ahmad Firdaus, Zainal Abidin Azlee, Zabidi Noor Akma, Abu Bakar Mukrimah, Nawir Philima Normelissa Ani, Abdul Malek |
| author_facet |
Che Akmal, Che Yahaya Ahmad Firdaus, Zainal Abidin Azlee, Zabidi Noor Akma, Abu Bakar Mukrimah, Nawir Philima Normelissa Ani, Abdul Malek |
| author_sort |
Che Akmal, Che Yahaya |
| title |
Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach |
| title_short |
Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach |
| title_full |
Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach |
| title_fullStr |
Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach |
| title_full_unstemmed |
Cloud of Word vs DroidKungfu: Performance evaluation in detecting root exploit malware with deep learning approach |
| title_sort |
cloud of word vs droidkungfu: performance evaluation in detecting root exploit malware with deep learning approach |
| publisher |
IEEE |
| publishDate |
2023 |
| url |
http://umpir.ump.edu.my/id/eprint/42254/2/Paper-Akmal-2023-Cloud_of_Word_vs_DroidKungfu.pdf http://umpir.ump.edu.my/id/eprint/42254/8/Cloud%20of%20Word%20vs%20DroidKungfu%20-%20Performance%20evaluation%20in%20detecting%20root%20exploit%20malware%20with%20deep%20learning%20approach.pdf http://umpir.ump.edu.my/id/eprint/42254/ https://doi.org/10.1109/ICSECS58457.2023.10256304 |
| _version_ |
1822924693225603072 |
| score |
13.234278 |