nach oben

vorheriger Artikel Correction to: Leveraging cloud computing for t...

nächster Artikel Optimal control of DAB converter backflow power...

Tipp

DroidDeep: using Deep Belief Network to characterize and detect android malware

Zeitschrift:: Soft Computing > Ausgabe 8/2020

Autoren:: Xin Su, Weiqi Shi, Xilong Qu, Yi Zheng, Xuchong Liu

» Jetzt Zugang zum Volltext erhalten

Wichtige Hinweise

Communicated by B. B. Gupta.

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Abstract

Android operating system and corresponding applications (app) are becoming increasingly popular, because the characteristics (open source, support the third-party app markets, etc.) of the Android platform, which cause the amazing pace of Android malware, poses a great threat to this platform. To solve this security issue, a comprehensive and accurate detection approach should be designed. Many research works dedicate to achieve this goal, including code analysis and machine learning methods, but these kinds of works cannot analyze large amount of Android applications comprehensively and effectively. We propose DroidDeep, which uses a Deep Belief Network model to classify Android malicious app. This proposed approach first collects 11 different kinds of static behavioral characteristics from a large amount of Android applications. Second, we design a Deep Belief Network algorithm to select unique behavioral characteristics from the collected static behavioral characteristics. Third, we detect zero-day Android malicious applications based on selected behavioral characteristics. We choose a dataset which mix with Android benign and malicious applications to evaluate the proposed method. The laboratory results show that the proposed method can obtain a higher detection accuracy (99.4%). Moreover, the proposed approach costs 6 s in average when analyzing and detecting each Android application.

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Jetzt einloggen Kostenlos registrieren

Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 69.000 Bücher
über 500 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Testen Sie jetzt 30 Tage kostenlos.

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 58.000 Bücher
über 300 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Testen Sie jetzt 30 Tage kostenlos.

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 50.000 Bücher
über 380 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Umwelt
Maschinenbau + Werkstoffe

Testen Sie jetzt 30 Tage kostenlos.

Jetzt informieren

Aafer Y, Du WL, Yin H (2018) Droidapiminer: Mining api-level features for robust malware detection in android. In: International conference on security and privacy in communication systems (Securecomm), pp 86–103

Apvrille L, Apvrille A (2015) Identifying unknown android malware with feature extractions and classification techniques. In: Conference on trust, security and privacy in computing and communications (Trustcom), pp 66–76

Arshad S, Shah A, Wahid A, Mehmood A, Song H (2018) SAMADroid: a novel 3-level hybrid malware detection model for android operating system. IEEE Access 6:4321–4339 CrossRef

Au KWY, Zhou Y, Huang Z (2012) Pscout: analyzing the android permission specification. In: Proceedings of the 2012 ACM conference on Computer and communications security. ACM, pp 217–228

Bengio Y (2009) Learning deep architectures for AI. Found Trends Mach Learn 2(1):1–127 CrossRef

Bengio Y, Lamblin P, Popovici D, Larochelle H (2007) Greedy layer-wise training of deep networks. Adv Neural Inf Process Syst 19:153–160

Burguera I, Zurutuza U, Nadjm-Tehrani S (2011) Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices (SPSM), pp 15–26

Chang X, Yang Y (2017) Semisupervised feature analysis by mining correlations among multiple tasks. IEEE Trans Neural Netw Learn Syst 28(10):2294–2305 MathSciNetCrossRef

Chang X, Ma Z, Lin M, Yang Y, Hauptmann A (2017a) Feature interaction augmented sparse learning for fast kinect motion detection. IEEE Trans Image Process 26(8):3911–3920 MathSciNetCrossRef

Chang X, Ma Z, Lin M, Yang Y, Zeng Z, Hauptmann A (2017b) Bi-level semantic representation analysis for multimedia event detection. IEEE Trans Cybern 47(5):1180–1197 CrossRef

Chang X, Yu Y, Yang Y, Xing P (2017c) Semantic pooling for complex event analysis in untrimmed videos. IEEE Trans Pattern Anal Mach Intell 39(8):1617–1632 CrossRef

Enck W, Ongtang M, McDaniel P (2009) On lightweight mobile phone application certification. In: Proceedings of the 16th ACM conference on computer and communications security (CCS), pp 235–245

Enck W, Octeau D, McDaniel P, Chaudhuri S (2011) A study of android application security. In: Proceedings of the 20th USENIX conference on security, pp 21–21

Enck W, Gilbert P, Chun B, Cox L, Jung J, McDaniel P, Sheth A (2014) TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans Comput Syst 32(2):5 CrossRef

Felt AP, Chin E, Hanna S, Song D, Wagner D (2011) Android permissions demystified. In: Proceedings of the 18th ACM conference on Computer and communications security (CCS), pp 627–638

Gorla A, Tavecchia I, Gross F, Zeller A (2014) Checking app behavior against app descriptions. In: Proceedings of the 36th international conference on software engineering (ICSE), pp 1025–1035

Hinton GE (2002) Training products of experts by minimizing contrastive divergence. Neural Comput 14(8):1771–1800 CrossRef

Hou S, Saas A, Chen L, Ye Y (2017) Deep4MalDroid: a deep learning framework for android malware detection based on linux kernel system call graphs. In: IEEE/WIC/ACM international conference on web intelligence workshops (WIW), pp 104–111

Hubner MH, Arp GD, Spreitzenbarth M, Rieck K (2014) Drebin: effective and explainable detection of android malware in your pocket. In: Network and distributed system security symposium (NDSS), pp 1–12

Jung J, Kim H, Shin D, Lee M, Lee H, Cho S, Suh K (2018) Android malware detection based on useful API calls and machine learning. In: 2018 IEEE first international conference on artificial intelligence and knowledge engineering, vol 1, pp 175–178

Kang H, Jang J, Mohaisen A (2015) Detecting and classifying android malware using static analysis along with creator information. Int J Distrib Sens Netw 11(6):1–9

Li Z, Nie F, Chang X, Yang Y (2017) Beyond trace ratio: weighted harmonic mean of trace ratios for multiclass discriminant analysis. IEEE Trans Knowl Data Eng 29(10):2100–2110 CrossRef

Li J, Sun L, Yan Q, Li Z, Srisa-an W, Ye H (2018a) Significant permission identification for machine-learning-based android malware detection. IEEE Trans Ind Inf 14(7):3216–3225 CrossRef

Li J, Wang Z, Tang J, Yang Y, Zhou Y (2018b) An android malware detection system based on feature fusion. Chin J Electron 27(6):1206–1213 CrossRef

Li W, Wang Z, Cai J, Cheng S (2018c) An android malware detection approach using weight-adjusted deep learning. In: 2018 international conference on computing, networking and communications, pp 437–441

Li J, Sun L, Yan Q, Li Z, Srisa-an W, Ye H (2018d) Significant permission identification for machine-learning-based android malware detection. IEEE Trans Ind Inform 14(7):3216–3225 CrossRef

Liang S, Sun W, Might M (2014) Fast flow analysis with godel hashes. In: Source code analysis and manipulation working conference (SCAM), pp 225–234

Ma Z, Ge H, Liu Y, Zhao M, Ma J (2018) A combination method for android malware detection based on control flow graphs and machine learning algorithms. IEEE Access 7:21235–21245 CrossRef

Martn A, Fernndez VR, Camacho D (2018) CANDYMAN: classifying Android malware families by modelling dynamic traces with Markov chains. Eng Appl Artif Intell 74:121–133 CrossRef

Mouhib I, Ouadghiri DE, Naanani H (2017) Homomorphic encryption as a service for outsourced images in mobile cloud computing environment. Int J Cloud Appl Comput (IJCAC) 7(2):27–40

Painter N, Kadhiwala B (2018) Machine-learning-Based android malware detection techniques: a comparative analysis. In: Information and communication technology for sustainable development, vol 2017, pp 181–190

Saracino A, Sgandurra D, Dini G, Martinelli F (2018) MADAM: effective and efficient behavior-based android malware detection and prevention. IEEE Trans Dependable Secure Comput 15(1):83–97 CrossRef

Talha KA, Alper DI, Aydin C (2015) Apk auditor: permission-based android malware detection system. Digit Investig 13:1–14 CrossRef

Yan LK, Yin H (2012) Droidscope: Seamlessly reconstructing the os and Dalvik semantic views for dynamic android malware analysis. In: Proceedings of the 21st USENIX conference on security symposium (Security), pp 29–29

Yang W, Xiao XS, Andow B, Li SH, Xie T, Enck W (2015) Appcontext: Differentiating malicious and benign mobile app behaviors using context. In: Proceedings of the 37th international conference on software engineering (ICSE), pp 303–313

Yildiz O, Dogru IA (2019) Permission-based android malware detection system using feature selection with genetic algorithm. Int J Softw Eng Knowl Eng 29(02):245–262 CrossRef

Yu F, Saswat A, Isil D, Alex A (2014) Apposcopy: Semantics-based detection of android malware through static analysis. In: Proceedings of the 22nd ACM sigsoft international symposium on foundations of software engineering (FSE), pp 576–587

Yuan ZL, Lu YQ, Wang ZG, Xue YB (2014) Droid-sec: deep learning in android malware detection. In: SIGCOMM computer communication review, August 2014, vol 44, no 4, pp 371–372

Zhao K, Zhang DF, Su X, Li WJ (2015) Fest: a feature extraction and selection tool for android malware detection. In: 2015 IEEE symposium on computers and communication (ISCC), pp 714–720

Zhao M, Jiang H, Xu Q, Li Z (2019) Keyword guessing on multi-user searchable encryption. Int J High Perform Comput Netw 14(1):60–68 CrossRef

Zhou Y, Jiang X (2012) Dissecting android malware: Characterization and evolution. In: Proceedings of the 2012 IEEE symposium on security and privacy (S&P), pp 95–109

Zhu H, You Z, Zhu Z, Shi W, Chen X, Cheng L (2018) DroidDet: effective and robust detection of android malware using static analysis along with rotation forest model. Neurocomputing 272:638–646 CrossRef

Zkik K, Orhanou G, Hajji S (2017) Secure mobile multi cloud architecture for authentication and data storage. Int J Cloud Appl Comput (IJCAC) 7(2):62–76

Titel: DroidDeep: using Deep Belief Network to characterize and detect android malware
Autoren:: Xin Su
Weiqi Shi
Xilong Qu
Yi Zheng
Xuchong Liu
Publikationsdatum: 03.01.2020
DOI: https://doi.org/10.1007/s00500-019-04589-w
Verlag: Springer Berlin Heidelberg
Zeitschrift: Soft Computing A Fusion of Foundations, Methodologies and Applications
Ausgabe 8/2020
Print ISSN: 1432-7643
Elektronische ISSN: 1433-7479

Premium Partner

Bildnachweise

Springer Professional

Tipp

Weitere Artikel dieser Ausgabe durch Wischen aufrufen

Publisher's Note

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 8/2020

Small-scale moving target detection in aerial image by deep inverse reinforcement learning

A dynamic trust model in internet of things

A watermarking scheme based on rotating vector for image content authentication

The zero-divisor graphs of MV-algebras

Identity-based data storage scheme with anonymous key generation in fog computing

A novel metaheuristic inspired by Hitchcock birds’ behavior for efficient optimization of large search spaces of high dimensionality

Premium Partner