Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks
Published: 2023-11-28
Issue: 23
Volume: 12
Page: 4817
ISSN: 2079-9292
Container-title: Electronics
Language: en
Short-container-title: Electronics
Author:
Xu Qingling (1, 2); Zhao Dawei (1, 2); Yang Shumian (1, 2); Xu Lijuan (1, 2); Li Xin (1, 2)
Affiliation:
1. Key Laboratory of Computing Power Network and Information Security, Ministry of Education, Shandong Computer Science Center (National Supercomputer Center in Jinan), Qilu University of Technology (Shandong Academy of Sciences), Jinan 250014, China
2. Shandong Provincial Key Laboratory of Computer Networks, Shandong Fundamental Research Center for Computer Science, Jinan 250014, China
Abstract
Android malware detection is a critical research field due to the increasing prevalence of mobile devices and apps. Improved methods are necessary to address Android apps’ complexity and malware’s elusive nature. We propose an approach for Android malware detection based on Graph Convolutional Networks (GCNs). Our method focuses on learning the behavioral-level features of Android applications using the call graph extracted from the application’s Dex file. Combining the call graph with sensitive permissions and opcodes creates a new subgraph representing the application’s runtime behavior. Subsequently, we propose an enhanced detection model utilizing graph convolutional networks (GCNs) for Android malware detection. The experimental results demonstrate our proposed method’s high precision and accuracy in detecting malicious code. With a precision of 98.89% and an F1-score of 98.22%, our approach effectively identifies and classifies Android malicious code.
Funder
National Natural Science Foundation of China
Shandong Provincial Natural Science Foundation
Taishan Scholars Program
Young Innovation team of colleges and universities in Shandong Province
Pilot Project for Integrated Innovation of Science, Education, and Industry of Qilu University of Technology
Graduate Education and Teaching Reform Research Project of Shandong Province
Education Reform Project of Qilu University of Technology
The Innovation Ability Promotion Project for Small and Medium-sized Technology-based Enterprise of Shandong Province
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Hardware and Architecture, Signal Processing, Control and Systems Engineering