Delving into Android Malware Families with a Novel Neural Projection Method
Rafael Vega Vega,
Héctor Quintián,
Carlos Cambra,
Nuño Basurto,
Álvaro Herrero,
José Luis Calvo-Rolle
Affiliations
Rafael Vega Vega
University of A Coruña, Departamento de Ingeniería Industrial, Avda. 19 de febrero s/n, 15495, Ferrol, A Coruña, Spain
Héctor Quintián
University of A Coruña, Departamento de Ingeniería Industrial, Avda. 19 de febrero s/n, 15495, Ferrol, A Coruña, Spain
Carlos Cambra
Grupo de Inteligencia Computacional Aplicada (GICAP), Departamento de Ingeniería Civil, Escuela Politécnica Superior, Universidad de Burgos, Av. Cantabria s/n, 09006, Burgos, Spain
Nuño Basurto
Grupo de Inteligencia Computacional Aplicada (GICAP), Departamento de Ingeniería Civil, Escuela Politécnica Superior, Universidad de Burgos, Av. Cantabria s/n, 09006, Burgos, Spain
Álvaro Herrero
Grupo de Inteligencia Computacional Aplicada (GICAP), Departamento de Ingeniería Civil, Escuela Politécnica Superior, Universidad de Burgos, Av. Cantabria s/n, 09006, Burgos, Spain
José Luis Calvo-Rolle
University of A Coruña, Departamento de Ingeniería Industrial, Avda. 19 de febrero s/n, 15495, Ferrol, A Coruña, Spain
Present research proposes the application of unsupervised and supervised machine-learning techniques to characterize Android malware families. More precisely, a novel unsupervised neural-projection method for dimensionality-reduction, namely, Beta Hebbian Learning (BHL), is applied to visually analyze such malware. Additionally, well-known supervised Decision Trees (DTs) are also applied for the first time in order to improve characterization of such families and compare the original features that are identified as the most important ones. The proposed techniques are validated when facing real-life Android malware data by means of the well-known and publicly available Malgenome dataset. Obtained results support the proposed approach, confirming the validity of BHL and DTs to gain deep knowledge on Android malware.
