NORMA eResearch @NCI Library

Android botnet detection using signature data and Ensemble Machine Learning

Kudtarkar, Viraj (2020) Android botnet detection using signature data and Ensemble Machine Learning. Masters thesis, Dublin, National College of Ireland.

[img]
Preview
PDF (Master of Science)
Download (780kB) | Preview
[img]
Preview
PDF (Configuration manual)
Download (1MB) | Preview

Abstract

As the use of smartphones has increased intensely in the past decade for daily activities such as socialising, banking, online shopping and communicating with friends and family. Android operating system is very popular and used universally for smartphones and tablets. Therefore, threats for this android platform is emerging very rapidly. Exploiting smartphones are comparatively easy and more effective than exploiting traditional computer systems and thus attackers started developing applications with hidden botnet capabilities. These applications use to take control of user’s device without his permission to steal sensitive data or launch denial-of-service attack with the help of Command and Control (C&C) servers. There are many proposed solutions available to detect botnet application using various approaches. In this paper, I proposed a hybrid model for botnet detection using a combination of signature-based detection at initial layer to perform abrupt detection. At 2nd layer ensemble machine learning method is used to identify botnet components with the help of extracted permissions and intents via static analysis. I compared 5 machine learning classifier algorithms and selected three with highest accuracy to create ensemble model. To extract the features to prepare efficient dataset for training and testing of this machine learning model I analyse 375 applications with botnet capabilities and 1105 benign applications from CICInvesAndMal2019 dataset which is novel and publicly available for researchers by the Canadian Institute for Cybersecurity. To confirm this result, we used Virus Total as a reference point which also showed comparable results of botnet detection. In this experiment, we successfully obtain 95.4% accuracy with the Logistic Regression classifier which was slightly increased to 95.8% after assembling top three algorithms.
Keywords: Android Botnets, Ensemble Machine Learning, Signature-Based detection, Permissions, Intents, and DDoS prevention.

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science

Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Dan English
Date Deposited: 27 Jan 2021 16:41
Last Modified: 27 Jan 2021 16:41
URI: http://norma.ncirl.ie/id/eprint/4502

Actions (login required)

View Item View Item