Opcode sequence analysis of Android malware by a convolutional neural network

2019 ◽  
Vol 32 (18) ◽  
Author(s):  
Dan Li ◽  
Lichao Zhao ◽  
Qingfeng Cheng ◽  
Ning Lu ◽  
Wenbo Shi
Keyword(s):  
Neural Network ◽  
Sequence Analysis ◽  
Convolutional Neural Network ◽  
Android Malware ◽  
Opcode Sequence

Apk2Img4AndMal: Android Malware Detection Framework Based on Convolutional Neural Network

2021 ◽  
Author(s):  
Oguz Emre Kural ◽  
Durmus Ozkan Sahin ◽  
Sedat Akleylek ◽  
Erdal Kilic ◽  
Murat Omural
Keyword(s):  
Neural Network ◽  
Convolutional Neural Network ◽  
Malware Detection ◽  
Android Malware ◽  
Android Malware Detection

scholarly journals A Hierarchical Approach for Android Malware Detection Using Authorization-Sensitive Features

Electronics ◽  
2021 ◽  
Vol 10 (4) ◽  
pp. 432
Author(s):  
Hui Chen ◽  
Zhengqiang Li ◽  
Qingshan Jiang ◽  
Abdur Rasool ◽  
Lifei Chen
Keyword(s):  
Neural Network ◽  
Convolutional Neural Network ◽  
Malware Detection ◽  
Classification Model ◽  
Gradient Boosting ◽  
Basic Block ◽  
Hierarchical Approach ◽  
Android Malware ◽  
Android Malware Detection ◽  
Extreme Gradient Boosting

Android’s openness has made it a favorite for consumers and developers alike, driving strong app consumption growth. Meanwhile, its popularity also attracts attackers’ attention. Android malware is continually raising issues for the user’s privacy and security. Hence, it is of great practical value to develop a scientific and versatile system for Android malware detection. This paper presents a hierarchical approach to design a malware detection system for Android. It extracts four authorization-sensitive features: basic blocks, permissions, Application Programming Interfaces (APIs), and key functions, and layer-by-layer detects malware based on the similar module and the proposed deep learning model Convolutional Neural Network and eXtreme Gradient Boosting (CNNXGB). This detection approach focuses not only on classification but also on the details of the similarities between malware software. We serialize the key function in light of the sequence of API calls and pick up a similar module that captures the global semantics of malware. We propose a new method to convert the basic block into a multichannel picture and use Convolutional Neural Network (CNN) to learn features. We extract permissions and API calls based on their called frequency and train the classification model by XGBoost. A dynamic similar module feature library is created based on the extracted features to assess the sample’s behavior. The model is trained by utilizing 11,327 Android samples collected from Github, Google Play, Fdroid, and VirusShare. Promising experimental results demonstrate a higher accuracy of the proposed approach and its potential to detect Android malware attacks and reduce Android users’ security risks.

scholarly journals Android Malware Classification Using Deep Learning CNN with Co-occurrence Matrix Feature 

2020 ◽  
Vol 31 (1) ◽  
pp. 9-17
Keyword(s):  
Neural Network ◽  
Deep Learning ◽  
Convolutional Neural Network ◽  
Image Recognition ◽  
High Accuracy ◽  
Experimental Results ◽  
Android Malware ◽  
Malware Classification ◽  
Occurrence Matrix ◽  
Very High

Recently, deep learning has been widely applying to speech and image recognition. Convolutional neural network (CNN) is one of the main categories to do image classifications with very high accuracy. In Android malware classification field, many works have been trying to convert Android malwares into “images” to make them well-matched with the CNN input to take advantage of the CNN model. The performance, however, is not significantly improved because simply converting malwares into images may lack several important features of the malwares. This paper proposes a method for improving the feature set of Android malware classification based on co-concurrence matrix (co-matrix). The co-matrix is established based on a list of raw features extracted from .apk files. The proposed feature can take the advantage of CNN while remaining important features of the Android malwares. Experimental results of CNN model conducted on a very popular Android malware dataset, Drebin, prove the feasibility of our proposed co-matrix feature.

Image-based Android Malware Family Classification Using Convolutional Neural Network

2021 ◽  
Vol 27 (4) ◽  
pp. 189-197
Author(s):  
Munyeong Kang ◽  
Seonghyun Park ◽  
Jihyeon Park ◽  
Seong-je Cho ◽  
Minkyu Park
Keyword(s):  
Neural Network ◽  
Convolutional Neural Network ◽  
Android Malware ◽  
Family Classification
Sign in / Sign up

Export Citation Format

Share Document