MUDROID: Android malware detection and classification based on permission and behavior for autonomous vehicles

Abstract

AbstractWith the growing popularity of autonomous vehicles, ensuring their safety has become a significant concern. Vehicle manufacturers have incorporated the Android operating system to enhance user convenience. However, the Android operating system's diversity and vulnerability may significantly impact autonomous vehicles because these natures lead to a critical threat in autonomous vehicle security: Android malware. The complex nature of multi‐data sources fusion in autonomous driving systems has resulted in low detection efficiency and accuracy for Android malware. Given the security requirements for autonomous‐driving systems, this article presents an Android malware classification method centered around the multifeature fusion and deep learning architecture designed to detect and classify Android malware within autonomous‐driving systems. The proposed MUDROID framework relies on the Android permission mechanism and behavioral feature to formulate a malware classification model. Comprising four essential components—feature extraction, representation, multifeature fusion, and classifier training, MUDROID leverages the advantages of CNN and GCN combination model and is adept at extracting and interpreting multidimensional features, consequently constructing a multifeature fusion classifier to amplify the efficiency and accuracy of Android malware detection and classification. The experiment results support MUDROID's superior classification performance, with an impressive Android malware detection accuracy rate of 98.69% and family classification (95.42%). The proposed method can detect and classify Android malware effectively, thus elevating the security and robustness of the self‐driving system. Additionally, the approach in this article also addresses feature representation issues in detecting malware variants, facilitating the recognition of Android malware variants across diverse platforms.