Apk2audio4andmal: Audio Based Malware Family Detection Framework

Abstract

Due to Android's popularity, cybercriminals view it as a lucrative target. Malwares with varying behavior patterns that specifically target user routines are constantly entering the market. Because of this, knowing how to identify different forms of malware is crucial for protecting against it. This paper proposes an audio-based malware family detection approach to achieve this goal. Android applications were converted to audio files in.wav format, and their audio-based features were extracted. Then, CFS-Subset, ReliefF, Information Gain, and Gain Ratio feature selection methods were applied to the extracted features. By examining the subsets obtained, features with high discrimination in Android malware family detection were determined. Classification experiments were conducted with the dataset created by randomly selected 500 samples from 8 families in AMD and Drebin datasets. Experiments with five different classifiers showed that effective malware family classification could be made with a small number of features in the audio domain.