Affiliation:
1. Xinjiang Key Laboratory of Multilingual Information Technology, School of Information Science and Engineering, Xinjiang University, People’s Republic of China
2. Xinjiang Key Laboratory of Signal Detection and Processing, School of Information Science and Engineering, Xinjiang University, People’s Republic of China
Abstract
The focus of a large amount of research on malware detection is currently working on proposing and improving neural network structures, but with the constant updates of Android, the proposed detection methods are more like a race against time. Through the analysis of these methods, we found that the basic processes of these detection methods are roughly the same, and these methods rely on professional reverse engineering tools for malware analysis and feature extraction. These tools generally have problems such as high time-space cost consumption, difficulty in achieving concurrent analysis of a large number of Apk, and the output results are not convenient for feature extraction. Is it possible to propose a general malware detection process implementation platform that optimizes each process of existing malware detection methods while being able to efficiently extract various features on malware datasets with a large number of APK? To solve this problem, we propose an automated platform, AmandaSystem, that highly integrates the various processes of deep learning-based malware detection methods. At the same time, the problem of over privilege due to the openness of Android system and thus the problem of excessive privileges has always required the accurate construction of mapping relationships between privileges and API calls, while the current methods based on function call graphs suffer from inefficiency and low accuracy. To solve this problem, we propose a new bottom-up static analysis method based on AmandaSystem to achieve an efficient and complete tool for mapping relationships between Android permissions and API calls, PerApTool. Finally, we conducted tests on three publicly available malware datasets, CICMalAnal2017, CIC-AAGM2017, and CIC-InvesAndMal2019, to evaluate the performance of AmandaSystem in terms of time efficiency of APK parsing, space occupancy, and comprehensiveness of extracted features, respectively, compared with existing methods were compared.
Subject
Artificial Intelligence,General Engineering,Statistics and Probability
Reference8 articles.
1. Curbing android permission creep;Timothy Vidas;Proceedings of the Web,2011
2. Android malware detection through hybrid features fusion and ensemble classifiers: the andropytool framework and the omnidroid dataset,;Alejandro Martín;Information Fusion,2019
3. A multimodal deep learning method for android malware detection using various features;TaeGuen Kim;IEEE Transactions on Information Forensics and Security,2018
4. Prabaharan Poornachandran and S. Sachin Kumar, Detecting android malware using long short-term memory (lstm);Vinayakumar;Journal of Intelligent & Fuzzy Systems,2018
5. An android mutation malware detection based on deep learning using visualization of importance from codes,;Yao-Saint Yen;Microelectronics Reliability,2019
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. PE-FedAvg: A Privacy-Enhanced Federated Learning for Distributed Android Malware Detection;2023 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom);2023-12-21
2. Towards Obfuscation Resilient Feature Design for Android Malware Detection-KTSODroid;Electronics;2022-12-08
3. Adopting Graph-Based Machine Learning Algorithms to Classify Android Malware;INT J COMPUT SCI NET;2022