Open Access

ARTICLE

A Learning Model to Detect Android C&C Applications Using Hybrid Analysis

Attia Qammar¹, Ahmad Karim^1,*, Yasser Alharbi², Mohammad Alsaffar², Abdullah Alharbi²

1 Department of Information Technology, Bahauddin Zakariya University, Multan, 60000, Pakistan
2 College of Computer Science and Engineering, University of Hail, Ha’il, 81451, Saudi Arabia

* Corresponding Author: Ahmad Karim. Email:

Computer Systems Science and Engineering 2022, 43(3), 915-930. https://doi.org/10.32604/csse.2022.023652

Received 15 September 2021; Accepted 25 November 2021; Issue published 09 May 2022

Abstract

Smartphone devices particularly Android devices are in use by billions of people everywhere in the world. Similarly, this increasing rate attracts mobile botnet attacks which is a network of interconnected nodes operated through the command and control (C&C) method to expand malicious activities. At present, mobile botnet attacks launched the Distributed denial of services (DDoS) that causes to steal of sensitive data, remote access, and spam generation, etc. Consequently, various approaches are defined in the literature to detect mobile botnet attacks using static or dynamic analysis. In this paper, a novel hybrid model, the combination of static and dynamic methods that relies on machine learning to detect android botnet applications is proposed. Furthermore, results are evaluated using machine learning classifiers. The Random Forest (RF) classifier outperform as compared to other ML techniques i.e., Naïve Bayes (NB), Support Vector Machine (SVM), and Simple Logistic (SL). Our proposed framework achieved 97.48% accuracy in the detection of botnet applications. Finally, some future research directions are highlighted regarding botnet attacks detection for the entire community.

---

Keywords

---