Smartphones have become a significant part of everyday life, and the number of people using them keeps growing. This growing user base has encouraged hackers to create malicious applications. Identifying this malware is critical for preserving the security and privacy of users. Recent trends in cybersecurity show that threats can be effectively identified using network-based detection techniques and machine learning methods. In this paper, the most important machine learning methods were investigated for smartphone malware detection using network traffic. A wide range of malware families is used in the investigations, including Adware, Ransomware, Scareware, and SMS Malware. The most widely used and well-known supervised and unsupervised machine learning methods are also considered. The article benchmarks the methods from different points of view, such as the number of features required, the volume of recorded traffic, the ability to identify malware families, and the ability to detect a new malware family. The results showed that using these methods with appropriate features and traffic volume would increase the accuracy of malware detection by about 90%. However, these methods did not show acceptable results in detecting malicious as well as new families of malware. The paper also explains some of the challenges and potential research problems in this context, which can be used by researchers interested in this field.
Key words: Android Malware, Malware Detection, Network Traffic, Machine Learning