Towards Deep Learning-Based Approach for Detecting Android Malware

2019 ◽  
Vol 7 (4) ◽  
pp. 1-24 ◽  
Author(s):  
Jarrett Booz ◽  
Josh McGiff ◽  
William G. Hatcher ◽  
Wei Yu ◽  
James Nguyen ◽  
...  
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Learning Environment ◽  
Malware Detection ◽  
Extensive Study ◽  
Detection Accuracy ◽  
Android Malware ◽  
Android Malware Detection ◽  
Mobile Malware Detection ◽  
Optimal Settings

In this article, the authors implement a deep learning environment and fine-tune parameters to determine the optimal settings for the classification of Android malware from extracted permission data. By determining the optimal settings, the authors demonstrate the potential performance of a deep learning environment for Android malware detection. Specifically, an extensive study is conducted on various hyper-parameters to determine optimal configurations, and then a performance evaluation is carried out on those configurations to compare and maximize detection accuracy in our target networks. The results achieve a detection accuracy of approximately 95%, with an approximate F1 score of 93%. In addition, the evaluation is extended to include other machine learning frameworks, specifically comparing Microsoft Cognitive Toolkit (CNTK) and Theano with TensorFlow. The future needs are discussed in the realm of machine learning for mobile malware detection, including adversarial training, scalability, and the evaluation of additional data and features.

Towards Deep Learning-Based Approach for Detecting Android Malware

2021 ◽  
pp. 2193-2219
Author(s):  
Jarrett Booz ◽  
Josh McGiff ◽  
William G. Hatcher ◽  
Wei Yu ◽  
James Nguyen ◽  
...  
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Learning Environment ◽  
Malware Detection ◽  
Extensive Study ◽  
Detection Accuracy ◽  
Android Malware ◽  
Android Malware Detection ◽  
Mobile Malware Detection ◽  
Optimal Settings

In this article, the authors implement a deep learning environment and fine-tune parameters to determine the optimal settings for the classification of Android malware from extracted permission data. By determining the optimal settings, the authors demonstrate the potential performance of a deep learning environment for Android malware detection. Specifically, an extensive study is conducted on various hyper-parameters to determine optimal configurations, and then a performance evaluation is carried out on those configurations to compare and maximize detection accuracy in our target networks. The results achieve a detection accuracy of approximately 95%, with an approximate F1 score of 93%. In addition, the evaluation is extended to include other machine learning frameworks, specifically comparing Microsoft Cognitive Toolkit (CNTK) and Theano with TensorFlow. The future needs are discussed in the realm of machine learning for mobile malware detection, including adversarial training, scalability, and the evaluation of additional data and features.

Android Malware Detection Techniques: A Literature Review

2020 ◽  
Vol 14 ◽  
Author(s):  
Meghna Dhalaria ◽  
Ekta Gandotra
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Malware Detection ◽  
Future Research ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection ◽  
Future Research Directions ◽  
To Come ◽  
Tools And Techniques

Purpose: This paper provides the basics of Android malware, its evolution and tools and techniques for malware analysis. Its main aim is to present a review of the literature on Android malware detection using machine learning and deep learning and identify the research gaps. It provides the insights obtained through literature and future research directions which could help researchers to come up with robust and accurate techniques for classification of Android malware. Design/Methodology/Approach: This paper provides a review of the basics of Android malware, its evolution timeline and detection techniques. It includes the tools and techniques for analyzing the Android malware statically and dynamically for extracting features and finally classifying these using machine learning and deep learning algorithms. Findings: The number of Android users is expanding very fast due to the popularity of Android devices. As a result, there are more risks to Android users due to the exponential growth of Android malware. On-going research aims to overcome the constraints of earlier approaches for malware detection. As the evolving malware are complex and sophisticated, earlier approaches like signature based and machine learning based are not able to identify these timely and accurately. The findings from the review shows various limitations of earlier techniques i.e. requires more detection time, high false positive and false negative rate, low accuracy in detecting sophisticated malware and less flexible. Originality/value: This paper provides a systematic and comprehensive review on the tools and techniques being employed for analysis, classification and identification of Android malicious applications. It includes the timeline of Android malware evolution, tools and techniques for analyzing these statically and dynamically for the purpose of extracting features and finally using these features for their detection and classification using machine learning and deep learning algorithms. On the basis of the detailed literature review, various research gaps are listed. The paper also provides future research directions and insights which could help researchers to come up with innovative and robust techniques for detecting and classifying the Android malware.

scholarly journals Mlifdect: Android Malware Detection Based on Parallel Machine Learning and Information Fusion

2017 ◽  
Vol 2017 ◽  
pp. 1-14 ◽  
Author(s):  
Xin Wang ◽  
Dafang Zhang ◽  
Xin Su ◽  
Wenjia Li
Keyword(s):  
Machine Learning ◽  
Information Fusion ◽  
Malware Detection ◽  
Parallel Machine ◽  
Detection Methods ◽  
Detection Accuracy ◽  
Android Malware ◽  
Detection Model ◽  
Android Apps ◽  
Android Malware Detection

In recent years, Android malware has continued to grow at an alarming rate. More recent malicious apps’ employing highly sophisticated detection avoidance techniques makes the traditional machine learning based malware detection methods far less effective. More specifically, they cannot cope with various types of Android malware and have limitation in detection by utilizing a single classification algorithm. To address this limitation, we propose a novel approach in this paper that leverages parallel machine learning and information fusion techniques for better Android malware detection, which is named Mlifdect. To implement this approach, we first extract eight types of features from static analysis on Android apps and build two kinds of feature sets after feature selection. Then, a parallel machine learning detection model is developed for speeding up the process of classification. Finally, we investigate the probability analysis based and Dempster-Shafer theory based information fusion approaches which can effectively obtain the detection results. To validate our method, other state-of-the-art detection works are selected for comparison with real-world Android apps. The experimental results demonstrate that Mlifdect is capable of achieving higher detection accuracy as well as a remarkable run-time efficiency compared to the existing malware detection solutions.

scholarly journals A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection

Information ◽  
2021 ◽  
Vol 12 (5) ◽  
pp. 185
Author(s):  
Vasileios Kouliaridis ◽  
Georgios Kambourakis
Keyword(s):  
Machine Learning ◽  
Performance Metrics ◽  
Malware Detection ◽  
Machine Learning Techniques ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection ◽  
Mobile Malware ◽  
Comprehensive Survey ◽  
Mobile Malware Detection

Year after year, mobile malware attacks grow in both sophistication and diffusion. As the open source Android platform continues to dominate the market, malware writers consider it as their preferred target. Almost strictly, state-of-the-art mobile malware detection solutions in the literature capitalize on machine learning to detect pieces of malware. Nevertheless, our findings clearly indicate that the majority of existing works utilize different metrics and models and employ diverse datasets and classification features stemming from disparate analysis techniques, i.e., static, dynamic, or hybrid. This complicates the cross-comparison of the various proposed detection schemes and may also raise doubts about the derived results. To address this problem, spanning a period of the last seven years, this work attempts to schematize the so far ML-powered malware detection approaches and techniques by organizing them under four axes, namely, the age of the selected dataset, the analysis type used, the employed ML techniques, and the chosen performance metrics. Moreover, based on these axes, we introduce a converging scheme which can guide future Android malware detection techniques and provide a solid baseline to machine learning practices in this field.

scholarly journals Android Malware Detection Based on a Hybrid Deep Learning Model

2020 ◽  
Vol 2020 ◽  
pp. 1-11
Author(s):  
Tianliang Lu ◽  
Yanhui Du ◽  
Li Ouyang ◽  
Qiuyu Chen ◽  
Xirui Wang
Keyword(s):  
Deep Learning ◽  
Learning Algorithms ◽  
Malware Detection ◽  
Learning Model ◽  
Machine Learning Algorithms ◽  
Detection Accuracy ◽  
Dynamic Feature ◽  
Android Malware ◽  
Android Malware Detection ◽  
Deep Learning Model

In recent years, the number of malware on the Android platform has been increasing, and with the widespread use of code obfuscation technology, the accuracy of antivirus software and traditional detection algorithms is low. Current state-of-the-art research shows that researchers started applying deep learning methods for malware detection. We proposed an Android malware detection algorithm based on a hybrid deep learning model which combines deep belief network (DBN) and gate recurrent unit (GRU). First of all, analyze the Android malware; in addition to extracting static features, dynamic behavioral features with strong antiobfuscation ability are also extracted. Then, build a hybrid deep learning model for Android malware detection. Because the static features are relatively independent, the DBN is used to process the static features. Because the dynamic features have temporal correlation, the GRU is used to process the dynamic feature sequence. Finally, the training results of DBN and GRU are input into the BP neural network, and the final classification results are output. Experimental results show that, compared with the traditional machine learning algorithms, the Android malware detection model based on hybrid deep learning algorithms has a higher detection accuracy, and it also has a better detection effect on obfuscated malware.

scholarly journals Deep-Droid: Deep Learning for Android Malware Detection

2020 ◽  
Vol 9 (12) ◽  
pp. 122-125
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Malware Detection ◽  
Learning Approaches ◽  
Android Malware ◽  
Detection Systems ◽  
Learning Framework ◽  
The Past ◽  
Android Malware Detection ◽  
Android Os

Android OS, which is the most prevalent operating system (OS), has enjoyed immense popularity for smart phones over the past few years. Seizing this opportunity, cybercrime will occur in the form of piracy and malware. Traditional detection does not suffice to combat newly created advanced malware. So, there is a need for smart malware detection systems to reduce malicious activities risk. Machine learning approaches have been showing promising results in classifying malware where most of the method are shallow learners like Random Forest (RF) in recent years. In this paper, we propose Deep-Droid as a deep learning framework, for detection Android malware. Hence, our Deep-Droid model is a deep learner that outperforms exiting cutting-edge machine learning approaches. All experiments performed on two datasets (Drebin-215 & Malgenome-215) to assess our Deep-Droid model. The results of experiments show the effectiveness and robustness of Deep-Droid. Our Deep-Droid model achieved accuracy over 98.5%.

scholarly journals Android Mobile Malware Detection Using Machine Learning: A Systematic Review

Electronics ◽  
2021 ◽  
Vol 10 (13) ◽  
pp. 1606
Author(s):  
Janaka Senanayake ◽  
Harsha Kalutarage ◽  
Mhd Omar Al-Kadri
Keyword(s):  
Machine Learning ◽  
Systematic Review ◽  
Effective Means ◽  
Malware Detection ◽  
Future Research ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection ◽  
Training Examples ◽  
Mobile Malware Detection

With the increasing use of mobile devices, malware attacks are rising, especially on Android phones, which account for 72.2% of the total market share. Hackers try to attack smartphones with various methods such as credential theft, surveillance, and malicious advertising. Among numerous countermeasures, machine learning (ML)-based methods have proven to be an effective means of detecting these attacks, as they are able to derive a classifier from a set of training examples, thus eliminating the need for an explicit definition of the signatures when developing malware detectors. This paper provides a systematic review of ML-based Android malware detection techniques. It critically evaluates 106 carefully selected articles and highlights their strengths and weaknesses as well as potential improvements. Finally, the ML-based methods for detecting source code vulnerabilities are discussed, because it might be more difficult to add security after the app is deployed. Therefore, this paper aims to enable researchers to acquire in-depth knowledge in the field and to identify potential future research and development directions.

scholarly journals Hunting Android Malware Using Multimodal Deep Learning and Hybrid Analysis Data

2021 ◽  
Author(s):  
Angelo Schranko Oliveira ◽  
Renato José Sassi
Keyword(s):  
Neural Networks ◽  
Deep Learning ◽  
Short Term Memory ◽  
Dynamic Properties ◽  
Malware Detection ◽  
Analysis Data ◽  
Knowledge Discovery In Databases ◽  
Detection Accuracy ◽  
Android Malware ◽  
Android Malware Detection

In this work, we propose a new multimodal Deep Learning (DL) Android malware detection method, Chimera, that combines both manual and automatic feature engineering by using the DL architectures, Convolutional Neural Networks (CNN), Deep Neural Networks (DNN), and Transformer Networks (TN) to perform feature learning from raw data (Dalvik Executables (DEX)), static analysis data (Android Intents & Permissions), and dynamic analysis data (system call sequences) respectively. To train and evaluate our model, we implemented the Knowledge Discovery in Databases (KDD) process and used the publicly available Android benchmark dataset Omnidroid. By leveraging a hybrid source of information to learn high-level feature representations for both the static and dynamic properties of Android applications, Chimera’s detection Accuracy, Precision, and Recall outperform classical Machine Learning (ML) algorithms, state-of-the-art Ensemble, and Voting Ensembles ML methods, as well as unimodal DL methods using CNNs, DNNs, TNs, and Long-Short Term Memory Networks (LSTM). To the best of our knowledge, this is the first work that successfully applies multimodal DL to combine those three different modalities of data using DNNs, CNNs, and TNs to learn a shared representation that can be used in Android malware detection tasks.

Sign in / Sign up

Export Citation Format

Share Document