A Hybrid Deep Network Framework for Android Malware Detection

被引:17
|
作者
Zhu, Hui-Juan [1 ]
Wang, Liang-Min [1 ]
Zhong, Sheng [2 ]
Li, Yang [1 ]
Sheng, Victor S. [3 ]
机构
[1] Jiang Univ, Sch Comp Sci & Commun Engn, Zhenjiang 212013, Jiangsu, Peoples R China
[2] Nanjing Univ, Dept Comp Sci & Technol, Nanjing 210093, Jiangsu, Peoples R China
[3] Texas Tech Univ, Dept Comp Sci, Lubbock, TX 79409 USA
基金
中国国家自然科学基金; 国家重点研发计划;
关键词
Malware; Feature extraction; Smart phones; Deep learning; Static analysis; Learning systems; Support vector machines; Feature extraction or construction; machine learning; modeling and prediction; neural nets; LEARNING APPROACH; REPRESENTATION; APPS;
D O I
10.1109/TKDE.2021.3067658
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Android is a growing target for malicious software (malware) because of its popularity and functionality. Malware poses a serious threat to users' privacy, money, equipment and file integrity. A series of data-driven malware detection methods were proposed. However, there exist two key challenges for these methods: (1) how to learn effective feature representation from raw data; (2) how to reduce the dependence on the prior knowledge or human labors in feature learning. Inspired by the success of deep learning methods in the feature representation learning community, we propose a malware detection framework which starts with learning rich-features by a novel unsupervised feature learning algorithm Merged Sparse Auto-Encoder (MSAE). In order to extract more compact and discriminative feature from the rich-features to further boost the malware detection capability, a hybrid deep network learning algorithm Stacked Hybrid Learning MSAE and SDAE (SHLMD) is established by further incorporating a classical deep learning method Stacked Denoising Auto-encoders (SDAE). After that, we feed the feature learned by MSAE and SHLMD respectively to classification algorithms, e.g., Support Vector Machine (SVM) or K-NearestNeighbor (KNN), to train a malware detection model. Evaluation results on two real-world datasets demonstrate that SHLMD achieves 94.46 and 90.57 percent accuracy respectively, which outperforms the classical unsupervised feature representation learning Sparse Auto-encoder (SAE). MSAE performs similarly to SAE. SHLMD can further improve the performance of MSAE and the supervised fine-tuned method SDAE. Besides, we compare the performance of our methods with that of state-of-the-art detection approaches, including classical deep-learning-based methods. Extensive experiments show that our proposed methods are effective enough to detect Android malware.
引用
收藏
页码:5558 / 5570
页数:13
相关论文
共 50 条
  • [1] Deep Android Malware Detection
    McLaughlin, Niall
    del Rincon, Jesus Martinez
    Kang, BooJoong
    Yerima, Suleiman
    Miller, Paul
    Sezer, Sakir
    Safaei, Yeganeh
    Trickel, Erik
    Zhao, Ziming
    Doup, Adam
    Ahn, Gail Joon
    [J]. PROCEEDINGS OF THE SEVENTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY (CODASPY'17), 2017, : 301 - 308
  • [2] SHIELD: A Multimodal Deep Learning Framework for Android Malware Detection
    Singh, Narendra
    Tripathy, Somanath
    Bezawada, Bruhadeshwar
    [J]. INFORMATION SYSTEMS SECURITY, ICISS 2022, 2022, 13784 : 64 - 83
  • [3] Towards Design of a Novel Android Malware Detection Framework Using Hybrid Deep Learning Techniques
    Dhabal, Gourab
    Gupta, Govind
    [J]. SOFT COMPUTING FOR SECURITY APPLICATIONS, ICSCS 2022, 2023, 1428 : 181 - 193
  • [4] Android Malware Detection Based on a Hybrid Deep Learning Model
    Lu, Tianliang
    Du, Yanhui
    Ouyang, Li
    Chen, Qiuyu
    Wang, Xirui
    [J]. SECURITY AND COMMUNICATION NETWORKS, 2020, 2020
  • [5] Effective android malware detection with a hybrid model based on deep autoencoder and convolutional neural network
    Wang, Wei
    Zhao, Mengxue
    Wang, Jigang
    [J]. JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2019, 10 (08) : 3035 - 3043
  • [6] Effective android malware detection with a hybrid model based on deep autoencoder and convolutional neural network
    Wei Wang
    Mengxue Zhao
    Jigang Wang
    [J]. Journal of Ambient Intelligence and Humanized Computing, 2019, 10 : 3035 - 3043
  • [7] A lightweight deep learning-based android malware detection framework
    Ma, Runze
    Yin, Shangnan
    Feng, Xia
    Zhu, Huijuan
    Sheng, Victor S.
    [J]. EXPERT SYSTEMS WITH APPLICATIONS, 2024, 255
  • [8] Towards a 2-hybrid Android Malware Detection Test Framework
    Rodriguez-Mota, Abraham
    Jorge Escamilla-Ambrosio, Ponciano
    Morales-Ortega, Salvador
    Salinas-Rosales, Moises
    Aguirre-Anaya, Eleazar
    [J]. 2016 INTERNATIONAL CONFERENCE ON ELECTRONICS, COMMUNICATIONS AND COMPUTERS (CONIELECOMP), 2016, : 54 - 61
  • [9] MalDozer: Automatic framework for android malware detection using deep learning
    Karbab, ElMouatez Billah
    Debbabi, Mourad
    Derhab, Abdelouahid
    Mouheb, Djedjiga
    [J]. DIGITAL INVESTIGATION, 2018, 24 : S48 - S59
  • [10] Hybrid Analysis Based Cross Inspection Framework for Android Malware Detection
    Bokolo, Biodoumoye
    Sur, GaganDeep
    Liu, Qingzhong
    Yuan, Fang
    Liang, Fan
    [J]. 2022 IEEE/ACIS 20TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH, MANAGEMENT AND APPLICATIONS (SERA), 2022, : 99 - 105