Android malware detection approach based on deep belief network

doi:10.3778/j.issn.1002-8331.1706-0007

Computer Engineering and Applications ›› 2018, Vol. 54 ›› Issue (18): 125-132.DOI: 10.3778/j.issn.1002-8331.1706-0007

Previous Articles Next Articles

Android malware detection approach based on deep belief network

ZHAO Wei1，4, WANG Nan2, SU Xin3，4, ZHANG Boyun1

1.Hunan Provincial Key Laboratory of Network Investigational Technology, Hunan Police Academy, Changsha 410138, China
2.College of Mechatronic Engineering and Automation, National University of Defense Technology, Changsha 410073, China
3.Key Laboratory of Network Crime Investigation of Hunan Provincial Colleges, Hunan Police Academy, Changsha 410138, China
4.Department of Information Technology, Hunan Police Academy, Changsha 410138, China

Online:2018-09-15 Published:2018-10-16

基于深度信念网络的Android恶意应用检测方法

赵薇1，4，王楠2，苏欣3，4，张波云1

1.湖南警察学院网络侦查技术湖南省重点实验室，长沙 410138
2.国防科技大学机电工程与自动化学院，长沙 410073
3.湖南警察学院网络犯罪侦查湖南省普通高校重点实验室，长沙 410138
4.湖南警察学院信息技术系，长沙 410138

Abstract

Abstract: Because traditional machine learning algorithm cannot select distinct behavioral characteristics from huge amount of characteristics to detect unknown Android malware. To address these limitations, this paper proposes DBNSel, a malware detection approach for the Android platform based on the deep belief network model. To implement this, five types of features are extracted from the static analysis of Android apps. Then, the deep belief network model is built to learn features from Android apps. Finally, the learned features are used to detect unknown Android malware. In an experiment with 3, 986 benign apps and 3, 986 malware, DBNSel outperforms several existing malware detection approaches and achieves 99.4% detection accuracy. Moreover, DBNSel can achieve a remarkable run-time efficiency which makes it very easy to adapt to a larger scale of real-world Android malware detection.

Key words: Android malware, deep belief network, security, static analysis

摘要： 传统的机器学习算法无法有效地从海量的行为特征中选择出有本质的行为特征来对未知的Android恶意应用进行检测。为了解决这个问题，提出DBNSel，一种基于深度信念网络模型的Android恶意应用检测方法。为了实现该方法，首先通过静态分析方法从Android应用中提取5类不同的属性。其次，建立深度信念网络模型从提取到的属性中进行选择和学习。最后，使用学习到的属性来对未知类型的Android恶意应用进行检测。在实验阶段，使用一个由3 986个Android正常应用和3 986个Android恶意应用组成的数据集来验证DBNSel的有效性。实验结果表明，DBNSel的检测结果要优于其他几种已有的检测方法，并可以达到99.4%的检测准确率。此外，DBNSel具有较低的运行开销，可以适应于更大规模的真实环境下的Android恶意应用检测。

关键词: Android恶意应用, 深度信念网络, 安全, 静态分析

ZHAO Wei1，4, WANG Nan2, SU Xin3，4, ZHANG Boyun1. Android malware detection approach based on deep belief network[J]. Computer Engineering and Applications, 2018, 54(18): 125-132.

赵薇1，4，王楠2，苏欣3，4，张波云1. 基于深度信念网络的Android恶意应用检测方法[J]. 计算机工程与应用, 2018, 54(18): 125-132.

[1]	SHENG Jianhui, FAN Yinting, XIA Minjie. Physical Layer Security Performance Analysis for Wireless Sensor Network [J]. Computer Engineering and Applications, 2021, 57(8): 91-95.
[2]	WANG Zhendong, ZHANG Lin, LI Dahai. Survey of Intrusion Detection Systems for Internet of Things Based on Machine Learning [J]. Computer Engineering and Applications, 2021, 57(4): 18-27.
[3]	HUI Hui, GOU Bo, WANG Ying. Secure Transmission Scheme for Successive Relaying Networks Under Eavesdropping Environment [J]. Computer Engineering and Applications, 2021, 57(4): 77-82.
[4]	XU Xianfeng, CAI Lulu, ZHANG Li. Photovoltaic Power Generation Prediction Algorithm Based on MLP and DBN [J]. Computer Engineering and Applications, 2021, 57(3): 266-272.
[5]	WANG Yulian, LU Mingming. Interpretable Automatic Detection of Android Malware Based on Graph Embedding [J]. Computer Engineering and Applications, 2021, 57(23): 122-128.
[6]	GAO Jian, SUN Yi, WANG Runzheng, YUAN Deyu. Research on Mining Detection Model of Browser Based on Machine Learning [J]. Computer Engineering and Applications, 2021, 57(22): 125-130.
[7]	CHEN Yaoyang, CHEN Wei. Control Flow Obfuscation Technology Based on Implicit Jump [J]. Computer Engineering and Applications, 2021, 57(20): 125-132.
[8]	ZOU Jianwen, ZHAO Bo, LI Xiang, LIU Yifan, LI Jiayue. tPUF-Based Security Access Scheme for IoT Devices [J]. Computer Engineering and Applications, 2021, 57(2): 119-126.
[9]	CAO Lei, LI Zhanbin, YANG Yongsheng, ZHAO Longfei. Intrusion Detection Method Based on Two-Layer Attention Networks [J]. Computer Engineering and Applications, 2021, 57(19): 142-149.
[10]	YANG Shu, SU Fang. Distributed Data Security Integrated Application System Based on Microservices [J]. Computer Engineering and Applications, 2021, 57(18): 238-247.
[11]	SONG Shijie, CHEN Kaiyan, ZHANG Yang. Security Evaluation Framework of Deep Learning Side Channel Analysis from Information Entropy [J]. Computer Engineering and Applications, 2021, 57(17): 138-146.
[12]	TAN Lijuan, ZHENG Wei, LIU Youlin, FAN Xin, YANG Fengyu. Survey of Airborne Software Test and Verification Methods for Airworthiness Standards [J]. Computer Engineering and Applications, 2021, 57(15): 9-22.
[13]	LIU Jiajia, WU Hao, LI Panpan. Research on Edge Computing Security of Railway 5G Mobile Communication System [J]. Computer Engineering and Applications, 2021, 57(12): 1-10.
[14]	KANG Mengxuan, SONG Junping, FAN Pengfei, GAO Bowen, ZHOU Xu, LI Zhuo. Survey of Network Traffic Forecast Based on Deep Learning [J]. Computer Engineering and Applications, 2021, 57(10): 1-9.
[15]	SUN Lianshan, CHEN Xiuting, MA Shengtian. Provenance Sanitization for Indirect Dependencies Based on Uncertain Usage Edges [J]. Computer Engineering and Applications, 2021, 57(1): 126-133.

Android malware detection approach based on deep belief network

基于深度信念网络的Android恶意应用检测方法

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics