Citation
Mimi, Mousumi Ahmed and Ng, Hu and Yap, Timothy Tzen Vun (2025) Directional features and rule-based labeling for real-time network traffic-based android spyware classification. The Journal of Supercomputing, 81 (8). ISSN 1573-0484
Text
2.pdf - Published Version. Restricted to Repository staff only. Download (3MB)
Abstract
This study addresses the critical challenge of detecting Android spyware in real time, emphasizing cybersecurity risks and the limitations of existing approaches. Previous works rely on signature-based methods or static network traffic analysis, which are effective for known spyware but fail to capture dynamic and evolving spyware behaviors in real-time environments. This study bridges this gap by proposing a real-time spyware classification approach based on network traffic analysis, utilizing directional features and rule-based labeling for enhancing spyware classification. It collects 14 spyware types with normal traffic and develops two methods: Method A (single directional) and Method B (bi-directional), applying several learning models to assess performance. Models are saved during batch processing for micro-batch and real-time analysis. Using 150 packets, micro-batch accuracy achieves 76.29–84.95% (Method A) and 74.18–83.23% (Method B), while real-time analysis achieves 74.99% (Method A) and 72.66% (Method B). XGB achieves 80.01% accuracy, advancing Android spyware classification.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | Android spyware · Spyware classification · Traffic analysis · Feature engineering |
Subjects: | T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK5101-6720 Telecommunication. Including telegraphy, telephone, radio, radar, television |
Divisions: | Faculty of Computing and Informatics (FCI) |
Depositing User: | Ms Suzilawati Abu Samah |
Date Deposited: | 30 Jun 2025 01:53 |
Last Modified: | 30 Jun 2025 01:53 |
URI: | http://shdl.mmu.edu.my/id/eprint/14137 |