Android Malware Detection Based on a Hybrid Deep Learning Model

In recent years, the number of malware on the Android platform has been increasing, and with the widespread use of code obfuscation technology, the accuracy of antivirus software and traditional detection algorithms is low. Current state-of-the-art research shows that researchers started applying deep learning methods for malware detection. We proposed an Android malware detection algorithm based on a hybrid deep learning model which combines deep belief network (DBN) and gate recurrent unit (GRU). First of all, analyze the Android malware; in addition to extracting static features, dynamic behavioral features with strong antiobfuscation ability are also extracted. Then, build a hybrid deep learning model for Android malware detection. Because the static features are relatively independent, the DBN is used to process the static features. Because the dynamic features have temporal correlation, the GRU is used to process the dynamic feature sequence. Finally, the training results of DBN and GRU are input into the BP neural network, and the final classification results are output. Experimental results show that, compared with the traditional machine learning algorithms, the Android malware detection model based on hybrid deep learning algorithms has a higher detection accuracy, and it also has a better detection effect on obfuscated malware.

[1]  Kabakus Abdullah Talha,et al.  APK Auditor: Permission-based Android malware detection system , 2015 .

[2]  Yee Whye Teh,et al.  A Fast Learning Algorithm for Deep Belief Nets , 2006, Neural Computation.

[3]  Lishan Ke,et al.  RoughDroid: Operative Scheme for Functional Android Malware Detection , 2018, Secur. Commun. Networks.

[4]  Tankut Acarman,et al.  Learning to detect Android malware via opcode sequences , 2020, Neurocomputing.

[5]  Bo Li,et al.  Android Malware Analysis and Detection Based on Attention-CNN-LSTM , 2019, J. Comput..

[6]  Mauro Conti,et al.  PermPair: Android Malware Detection Using Permission Pairs , 2020, IEEE Transactions on Information Forensics and Security.

[7]  Weihua Gui,et al.  A novel deep learning based fault diagnosis approach for chemical process with extended deep belief network. , 2019, ISA transactions.

[8]  Biao Huang,et al.  Hierarchical Quality-Relevant Feature Representation for Soft Sensor Modeling: A Novel Deep Learning Strategy , 2020, IEEE Transactions on Industrial Informatics.

[9]  Jinjun Chen,et al.  Detection of Malicious Code Variants Based on Deep Learning , 2018, IEEE Transactions on Industrial Informatics.

[10]  Antonella Santone,et al.  Deep learning for image-based mobile malware detection , 2020, Journal of Computer Virology and Hacking Techniques.

[11]  Jürgen Schmidhuber,et al.  LSTM: A Search Space Odyssey , 2015, IEEE Transactions on Neural Networks and Learning Systems.

[12]  Giorgio Giacinto,et al.  Stealth attacks: An extended insight into the obfuscation effects on Android malware , 2015, Comput. Secur..

[13]  Haipeng Cai,et al.  DroidCat: Effective Android Malware Detection and Categorization via App-Level Profiling , 2019, IEEE Transactions on Information Forensics and Security.

[14]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[15]  Shigeng Zhang,et al.  LSCDroid: Malware Detection Based on Local Sensitive API Invocation Sequences , 2020, IEEE Transactions on Reliability.

[16]  Zhenlong Yuan,et al.  DroidDetector: Android Malware Characterization and Detection Using Deep Learning , 2016 .