6533b85cfe1ef96bd12bc0f8
RESEARCH PRODUCT
Evaluation of Ensemble Machine Learning Methods in Mobile Threat Detection
Sanjay KumarTimo HämäläinenAri Viinikainensubject
Computer scienceintrusion detection0211 other engineering and technologiesDecision tree02 engineering and technologycomputer.software_genreComputer securitymobiililaitteet0202 electrical engineering electronic engineering information engineeringsupervised machine learningSoarAndroid (operating system)tietoturvata113021110 strategic defence & security studiesta213business.industrymobile threatsensemble methods020206 networking & telecommunicationsFlow networkEnsemble learninganomaly detectionmachine learningkoneoppiminenMalwareThe InternetbusinesscomputerMobile devicedescription
The rapid growing trend of mobile devices continues to soar causing massive increase in cyber security threats. Most pervasive threats include ransom-ware, banking malware, premium SMS fraud. The solitary hackers use tailored techniques to avoid detection by the traditional antivirus. The emerging need is to detect these threats by any flow-based network solution. Therefore, we propose and evaluate a network based model which uses ensemble Machine Learning (ML) methods in order to identify the mobile threats, by analyzing the network flows of the malware communication. The ensemble ML methods not only protect over-fitting of the model but also cope with the issues related to the changing behavior of the attackers. The focus of this study is on android based mobile malwares due to its popularity among users. We have used ensemble methods to combine output of 5 supervised ML algorithms such as RF, PART, JRIP, J.48 and Ridor. Based on the evaluation results, the proposed model was found efficient at detecting known and unknown threats with the accuracy of 98.2%. peerReviewed
| year | journal | country | edition | language |
|---|---|---|---|---|
| 2017-12-01 |