ИСПОЛЬЗОВАНИЕ АЛГОРИТМОВ МАШИННОГО ОБУЧЕНИЯ ДЛЯ ОБНАРУЖЕНИЯ ВРЕДОНОСНЫХ ПРИЛОЖЕНИЙ НА ПЛАТФОРМЕ ANDROID

Аннотация

The work brings forward the methods for the application of the machine-learning algorithm in identifying the presence of malicious programs on the Android platform. In the modern world, Android devices are the most widely used and at the same time bring a great risk for other computer systems due to malicious attacks or software opportunities. The traditional method for detecting malicious applications depends either on static and dynamic analyses. However, conventional methods are already becoming ineffective since these codes have gradually become so sophisticated. This challenge can be met through machine learning, whereby the Black Box is able to predict with high accuracy potential malicious conduct patterns by analyzing target behavior applications.

Android malware detection importance is pegged on the rapidly evolving hostile applications that are readily available in the Android Operating system. In this work, the authors present a comparison of three classifiers: RandomForestClassifier, LGBMClassifier, and XGBClassifier using various preprocessing and sampling schemes so as to achieve the novel goal of inter-class learning for malware detection. Our analysis shows that the best models are obtained when using RobustScaler and SMOTE in conjunction with a RandomForestClassifier, since it generates more accurate models and best results considering both precision and recall. The LGBMClassifier and XGBClassifier look good, but they do not quite reach the same level of efficiency as the best-performing model, RandomForestClassifier.

It also points out that the present research underlines suitable preprocessing and sampling methods in order to enhance model performance. The results make suggestions on the improvements that should be made in Machine Learning systems targeting malware detection for further advancement of cybersecurity solutions.