Malware Detection Based on the Feature Selection of a Correlation Information Decision Matrix

Smartphone apps are closely integrated with our daily lives, and mobile malware has brought about serious security issues. However, the features used in existing traffic-based malware detection techniques have a large amount of redundancy and useless information, wasting the computational resources...

Full description

Saved in:
Bibliographic Details
Published inMathematics (Basel) Vol. 11; no. 4; p. 961
Main Authors Lu, Kai, Cheng, Jieren, Yan, Anli
Format Journal Article
LanguageEnglish
Published Basel MDPI AG 01.02.2023
Subjects
Algorithms
Analysis
Approximation
Artificial intelligence
Artificial neural networks
capsule network
Computer viruses
Correlation (Statistics)
Cybersecurity
Debugging
Deep learning
Effectiveness
Experiments
Feature selection
Food science
Linear programming
Machine learning
Malware
malware detection
Matrices
Methods
network traffic
Neural networks
Redundancy
Smartphones
Spyware
Testing
Traffic models
China
Online AccessGet full text

Cover

More Information
Summary:Smartphone apps are closely integrated with our daily lives, and mobile malware has brought about serious security issues. However, the features used in existing traffic-based malware detection techniques have a large amount of redundancy and useless information, wasting the computational resources of training detection models. To overcome this drawback, we propose a feature selection method; the core of the method involves choosing selected features based on high irrelevance, thereby removing redundant features. Furthermore, artificial intelligence has implemented malware detection and achieved outstanding detection ability. However, almost all malware detection models in deep learning include pooling operations, which lead to the loss of some local information and affect the robustness of the model. We also propose designing a malware detection model for malicious traffic identification based on a capsule network. The main difference between the capsule network and the neural network is that the neuron outputs a scalar, while the capsule outputs a vector. It is more conducive to saving local information. To verify the effectiveness of our method, we verify it from three aspects. First, we use four popular machine learning algorithms to prove the effectiveness of the proposed feature selection method. Second, we compare the capsule network with the convolutional neural network to prove the superiority of the capsule network. Finally, we compare our proposed method with another state-of-the-art malware detection technique; our accuracy and recall increased by 9.71% and 20.18%, respectively.
ISSN:2227-7390
2227-7390
DOI:10.3390/math11040961