A Robust Approach for Android Malware Detection Based on Deep Learning

Cited by: 0
Authors
Li P.-W. [1]
Jiang Y.-Q. [1]
Xue F.-Y. [1]
Huang J.-J. [1]
Xu C. [1]
Affiliation
[1] School of Information Engineering, Nanjing Audit University, Nanjing, 211815, Jiangsu
Source
Keywords
Android malware; Deep learning; Dynamic analysis; LSTM; Static analysis
DOI
10.3969/j.issn.0372-2112.2020.08.007
CLC number
Subject classification number
Abstract
Conventional Android malware detection methods can easily be evaded. In this study, we propose a detection method for Android malicious code based on a long short-term memory (LSTM) network, which makes it more difficult for malware to evade detection. In this method, a program analysis framework that combines static and dynamic analysis is first proposed to obtain permission information, protection information and behavior information. Secondly, entrenched features such as ability features and behavior features are extracted from the information provided by the program analysis framework. With the entrenched features, we design a malware detection method based on an LSTM model to distinguish benign applications from malicious ones. Experimental results demonstrate that our approach is more effective and robust in Android malware detection than the state-of-the-art methods. © 2020, Chinese Institute of Electronics. All rights reserved.
Pages: 1502 / 1508
Number of pages: 6