Android Malware Detection Based on Call Graph via Graph Neural Network

2020 ◽  
Author(s):  
Pengbin Feng ◽  
Jianfeng Ma ◽  
Teng Li ◽  
Xindi Ma ◽  
Ning Xi ◽  
...  
Keyword(s):  
Neural Network ◽  
Malware Detection ◽  
Android Malware ◽  
Call Graph ◽  
Android Malware Detection

scholarly journals Android Malware Detection Based on Structural Features of the Function Call Graph

Electronics ◽  
2021 ◽  
Vol 10 (2) ◽  
pp. 186
Author(s):  
Yang Yang ◽  
Xuehui Du ◽  
Zhi Yang ◽  
Xing Liu
Keyword(s):  
Malware Detection ◽  
Structural Features ◽  
Coarse Grained ◽  
Detection Methods ◽  
Convolutional Network ◽  
Android Malware ◽  
Call Graph ◽  
Android Apps ◽  
Android Malware Detection ◽  
Function Call

The openness of Android operating system not only brings convenience to users, but also leads to the attack threat from a large number of malicious applications (apps). Thus malware detection has become the research focus in the field of mobile security. In order to solve the problem of more coarse-grained feature selection and larger feature loss of graph structure existing in the current detection methods, we put forward a method named DGCNDroid for Android malware detection, which is based on the deep graph convolutional network. Our method starts by generating a function call graph for the decompiled Android application. Then the function call subgraph containing the sensitive application programming interface (API) is extracted. Finally, the function call subgraphs with structural features are trained as the input of the deep graph convolutional network. Thus the detection and classification of malicious apps can be realized. Through experimentation on a dataset containing 11,120 Android apps, the method proposed in this paper can achieve detection accuracy of 98.2%, which is higher than other existing detection methods.

scholarly journals BrainShield: A Hybrid Machine Learning-Based Malware Detection Model for Android Devices

Electronics ◽  
2021 ◽  
Vol 10 (23) ◽  
pp. 2948
Author(s):  
Corentin Rodrigo ◽  
Samuel Pierre ◽  
Ronald Beaubrun ◽  
Franjieh El Khoury
Keyword(s):  
Neural Network ◽  
Malware Detection ◽  
Detection Methods ◽  
Dynamic Features ◽  
Android Malware ◽  
Detection Model ◽  
The Third ◽  
Android Malware Detection ◽  
Fully Connected ◽  
Server Architecture

Android has become the leading operating system for mobile devices, and the most targeted one by malware. Therefore, many analysis methods have been proposed for detecting Android malware. However, few of them use proper datasets for evaluation. In this paper, we propose BrainShield, a hybrid malware detection model trained on the Omnidroid dataset to reduce attacks on Android devices. The latter is the most diversified dataset in terms of the number of different features, and contains the largest number of samples, 22,000 samples, for model evaluation in the Android malware detection field. BrainShield’s implementation is based on a client/server architecture and consists of three fully connected neural networks: (1) the first is used for static analysis and reaches an accuracy of 92.9% trained on 840 static features; (2) the second is a dynamic neural network that reaches an accuracy of 81.1% trained on 3722 dynamic features; and (3) the third neural network proposed is hybrid, reaching an accuracy of 91.1% trained on 7081 static and dynamic features. Simulation results show that BrainShield is able to improve the accuracy and the precision of well-known malware detection methods.

Sign in / Sign up

Export Citation Format

Share Document