A Deep Neural Network Model for Malware Detection

Year 2021, Volume: 4 Issue: 1, 1 - 14, 05.06.2021

Fatima Bourebaa , Mohamed Benmohammed

Abstract

Parallel to the adoption of mobile technology in our daily lives, there is a growing and increasing proliferation of cyber frauds and malicious content. Mobile malware can exploit the vulnerabilities of the device, modify, disclose or erase confidential data, such as credit card numbers, passwords, medical data, contacts, or even block the device asking for a ransom. In this paper, we leverage the possibilities of deep fully-connected neural networks, using permissions and Application Programming Interfaces APIs as features, to automatically and efficiently detect Android malware. We achieved a score of 88.9\% using a feed-forward of 128x128x1, 2-hidden layers configuration.

Keywords

Neural networks, Android Malware Detection, Smartphone Security

Thanks

The authors would like to thank the Koodous administrators for their effort in collecting and sharing the academic malware dataset.

References

• \bibitem{koodous} Koodous Dataset web site - \url{http://koodous.com}, last accessed july 2020.
• \bibitem{Gdata} \url{https://www.gdatasoftware.com/news/2019/07/35228-mobile-malware-report-no-let-up-with-android-malware}, last accessed august 2020.
• \bibitem{Mamadroid} E. Mariconti and L. Onwuzurike and al \textit{MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models}, in (CoRR, 2016).
• \bibitem{Droidminer} Aafer Y., Du W., Yin H. (2013) \textit{DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android}. In: Zia T., Zomaya A., Varadharajan V., Mao M. (eds) Security and Privacy in Communication Networks. SecureComm 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 127. Springer, Cham.
• \bibitem{DroidminerroidMat} D. Wu, C. Mao, T. Wei, H. Lee and K. Wu, \textit{DroidMat: Android Malware Detection through Manifest and API Calls Tracing } 2012 Seventh Asia Joint Conference on Information Security, Tokyo, 2012, pp. 62-69.
• \bibitem{Drebin} Arp, Daniel, et al. D\textit{Drebin: Effective and explainable detection of android malware in your pocket}. Ndss. Vol. 14. 2014. \bibitem{SVM} Sun, Junmei, et al. \textit{Malware detection on Android smartphones using keywords vector and SVM}. 2017 IEEE/ACIS 16th International Conference on Computer and Information Science (ICIS). IEEE, 2017.
• \bibitem{RandomF2} Santosh Joshi, Himanshu Upadhyay, Leonel Lagos, Naga Suryamitra Akkipeddi, and Valerie Guerra. 2018. \textit{Machine Learning Approach for Malware Detection Using Random Forest Classifier on Process List Data Structure}. In Proceedings of the 2nd International Conference on Information System and Data Mining (ICISDM ’18). Association for Computing Machinery, New York, NY, USA, 98–102.
• \bibitem{Droid-sec} Yuan, Zhenlong, et al. \textit{Droid-sec: deep learning in android malware detection} . ACM SIGCOMM Computer Communication Review. Vol. 44. No. 4. ACM, 2014.
• \bibitem{Papernot} Nicolas Papernot and Patrick D. McDaniel. \textit{Deep k-Nearest Neighbors: Towards Confident, Interpretable and Robust Deep Learning}. arXiv:1803.04765, 2018.
• \bibitem{Martinelli} Fabio Martinelli, Fiammetta Marulli, Francesco Mercaldo, \textit{EvaluatingConvolutional Neural Network for Effective Mobile Malware Detection}, Procedia Computer Science, Volume 112, Pages 2372-2381, ISSN 1877-0509, 2017.
• \bibitem{StormDroid} Sen Chen,. Minhui Xue,. Zhushou Tang,. Lihua Xu,. Haojin Zhu . \textit{StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware}, Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp 377-388 , 2016. .
• \bibitem{yakurama} Yakura, Hiromu, et al. \textit{Malware analysis of imaged binary samples by convolutional neural network with attention mechanism}. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. ACM, 2018.
• \bibitem{cnn} Qin Zheng, Danish Vasan, Mamoun Alazab, Sobia Wassan, Hamad Naeem, Babak Safaei, \textit{IMCFN: Image-based malware classification using fine-tuned Convolutional neural network architecture}, Computer Networks Journal, volume 171, 2020.
• \bibitem{PermPairs} A. Arora, S.K. Peddoju and M. Conti. \textit{PermPair : Android Malware Detection Using Permission Pairs}. IEEE Transactions on Information Forensics and Security. PP. 1-15.volume 15, 2020.
• \bibitem{IPDroid} K. Khariwal, J. Singh and A. Arora, \textit{IPDroid: Android Malware Detection using Intents and Permissions}, 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4), London, UK, 2020, pp. 197-202, doi:10.1109/WorldS450073.2020.9210414.