nach oben

Erschienen in:

2022 | OriginalPaper | Buchkapitel

Effectiveness of Video-Classification in Android Malware Detection Through API-Streams and CNN-LSTM Autoencoders

verfasst von : Gianni D’Angelo, Francesco Palmieri, Antonio Robustelli

Erschienen in: Mobile Internet Security

Verlag: Springer Nature Singapore

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The outbreak of the COVID-19 pandemic has forced worldwide employees to massive use of their mobile devices to access corporate systems. This new scenario has made mobile devices more susceptible to malicious applications, which are yearly developed to conduct several hostile activities. Concerned about this fact, many Deep Learning (DL) based solutions have been proposed, in the last decade, by considering both static and dynamic approaches. However, static solutions are adversely affected by obfuscation techniques and polymorphic applications, while dynamic ones cannot reduce the damages caused during applications execution. To this purpose, the following paper aims to propose a novel approach called API-Streams to minimize damages at Run-time. Therefore, we investigate several Video-Classification tasks through CNN-LSTM Autoencoders (CNN-LSTM-AEs). More precisely, we combine the capability of AEs in finding compact features with the classification abilities of Deep Neural Networks (DNNs), and we show that the proposed approach achieves an average accuracy of 98% in the presence of several unbalanced training datasets. Finally, we use the t-Stochastic Neighbor Embedded (t-SNE) representation technique to investigate the abilities of the employed AE to cluster data into their respective classes by limiting their overlapping.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A Blockchain-Based Authentication Scheme for 5G Applications

Nächstes Kapitel Trojan Attacks and Defense for Speech Recognition

http://antlab.di.unisa.it/malware/.

Abderrahmane, A., Adnane, G., Yacine, C., Khireddine, G.: Android malware detection based on system calls analysis and CNN classification. In: 2019 IEEE Wireless Communications and Networking Conference Workshop (WCNCW), pp. 1–6 (2019). https://doi.org/10.1109/WCNCW.2019.8902627

Aonzo, S., Merlo, A., Migliardi, M., Oneto, L., Palmieri, F.: Low-resource footprint, data-driven malware detection on android. IEEE Trans. Sustain. Comput. 5(2), 213–222 (2020). https://doi.org/10.1109/TSUSC.2017.2774184CrossRef

Atienza, R.: Advanced Deep Learning with Keras : Apply Deep Learning Techniques, Autoencoders, GANs, Variational Autoencoders, Deep Reinforcement Learning, Policy Gradients, and More. Packt Publishing, Birmingham (2018)

Bhagwat, R., Abdolahnejad, M., Moocarme, M.: Applied Deep Learning with Keras: Solve Complex Real-life Problems with the Simplicity of Keras. Packt Publishing (2019)

D’Angelo, G., Rampone, S.: Shape-based defect classification for non destructive testing. In: 2015 IEEE Metrology for Aerospace (MetroAeroSpace), pp. 406–410 (2015)

D’Angelo, G., Palmieri, F.: Enhancing COVID-19 tracking apps with human activity recognition using a deep convolutional neural network and HAR-images. Neural Comput. Appl. (2021). https://doi.org/10.1007/s00521-021-05913-y

D’Angelo, G., Palmieri, F., Robustelli, A., Castiglione, A.: Effective classification of android malware families through dynamic features and neural networks. Connect. Sci. 1–16 (2021). https://doi.org/10.1080/09540091.2021.1889977. https://www.tandfonline.com/doi/abs/10.1080/09540091.2021.1889977

David, O., Netanyahu, N.S.: Deepsign: deep learning for automatic malware signature generation and classification. In: 2015 International Joint Conference on Neural Networks (IJCNN), pp. 1–8 (2015)

D’Angelo, G., Ficco, M., Palmieri, F.: Malware detection in mobile environments based on autoencoders and API-images. J. Parallel Distrib. Comput. 137, 26 – 33 (2020). https://doi.org/10.1016/j.jpdc.2019.11.001. http://www.sciencedirect.com/science/article/pii/S0743731519302436

10.

D’Angelo, G., Palmieri, F.: Network traffic classification using deep convolutional recurrent autoencoder neural networks for spatial–temporal features extraction. J. Netw. Comput. Appl. 173, 102890 (2021). https://doi.org/10.1016/j.jnca.2020.102890. http://www.sciencedirect.com/science/article/pii/S1084804520303519

11.

Elia, S., et al.: A machine learning evolutionary algorithm-based formula to assess tumor markers and predict lung cancer in cytologically negative pleural effusions. Soft Comput. 24(10), 7281–7293 (2020). https://doi.org/10.1007/s00500-019-04344-1. https://doi.org/10.1007/s00500-019-04344-1

12.

Ficco, M.: Detecting IoT malware by Markov chain behavioral models, pp. 229–234 (2019). https://doi.org/10.1109/IC2E.2019.00037

13.

Frida: Frida - a world-class dynamic instrumentation framework. https://frida.re/docs/frida-trace/. Accessed 2020

14.

Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997). https://doi.org/10.1162/neco.1997.9.8.1735CrossRef

15.

Idanr: Droidmon - dalvik monitoring framework for cuckoodroid (2020). https://github.com/idanr1986/droidmon

16.

Johnson, C., Khadka, B., Basnet, R.B., Doleck, T.: Towards detecting and classifying malicious URLS using deep learning. J. Wirel. Mobile Netw. Ubiquito. Comput. Dependable Appl. (JoWUA) 11(4), 31–48 (2020)

17.

Karamanolakis, G., Cherian, K.R., Narayan, A.R., Yuan, J., Tang, D., Jebara, T.: Item recommendation with variational autoencoders and heterogeneous priors. In: Proceedings of the 3rd Workshop on Deep Learning for Recommender Systems, DLRS 2018, pp. 10–14. Association for Computing Machinery, New York (2018). https://doi.org/10.1145/3270323.3270329

18.

Kasturi, G., Jain, A., Singh, J.: Detection and classification of radio frequency jamming attacks using machine learning. J. Wirel. Mobile Netw. Ubiquit. Comput. Dependable Appl. (JoWUA) 11(4), 49–62 (2020)

19.

Kim, H.: 5G core network security issues and attack classification from network protocol perspective. J. Internet Serv. Inf. Secur. (JISIS) 10(2), 1–15 (2020)

20.

Kolosnjaji, B., Zarras, A., Webster, G., Eckert, C.: Deep learning for classification of malware system call sequences. In: Kang, B.H., Bai, Q. (eds.) AI 2016. LNCS (LNAI), vol. 9992, pp. 137–149. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-50127-7_11CrossRef

21.

Li, C., Mills, K., Niu, D., Zhu, R., Zhang, H., Kinawi, H.: Android malware detection based on factorization machine. IEEE Access 7, 184008–184019 (2019). https://doi.org/10.1109/ACCESS.2019.2958927CrossRef

22.

Lin, T.Y., Goyal, P., Girshick, R., He, K., Dollár, P.: Focal loss for dense object detection (2018)

23.

Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Network traffic classifier with convolutional and recurrent neural networks for internet of things. IEEE Access 5, 18042–18050 (2017). https://doi.org/10.1109/ACCESS.2017.2747560CrossRef

24.

C.P.S.T. LTD: Mobile security report 2021. https://www.cybertalk.org/wp-content/uploads/2021/04/mobile-security-report-2021.pdf. Accessed 2021

25.

C.P.S.T. LTD: Securelist | mobile malware evolution 2020. https://securelist.com/mobile-malware-evolution-2020/101029/. Accessed 2021

26.

Maggipinto, M., Masiero, C., Beghi, A., Susto, G.A.: A convolutional autoencoder approach for feature extraction in virtual metrology. Procedia Manuf. 17, 126–133 (2018). https://doi.org/10.1016/j.promfg.2018.10.023. http://www.sciencedirect.com/science/article/pii/S2351978918311399. 28th International Conference on Flexible Automation and Intelligent Manufacturing (FAIM2018), June 11-14, 2018, Columbus, OH, USA Global Integration of Intelligent Manufacturing and Smart Industry for Good of Humanity

27.

Makhzani, A., Frey, B.: k-sparse autoencoders (2014)

28.

Manipriya, S., Mala, C., Mathew, S.: A collaborative framework for traffic information in vehicular adhoc network applications. J. Internet Serv. Inf. Secur. (JISIS) 10(3), 93–109 (2020)

29.

Marra, A.L., Martinelli, F., Mercaldo, F., Saracino, A., Sheikhalishahi, M.: D-BRIDEMAID: a distributed framework for collaborative and dynamic analysis of android malware. J. Wirel. Mobile Netw. Ubiqui. Computi. Dependable Appl. (JoWUA) 11(3), 1–28 (2020)

30.

Martín García, A., Rodriguez-Fernandez, V., Camacho, D.: Candyman: classifying android malware families by modelling dynamic traces with Markov chains. Eng. Appl. Artif. Intell. 74, 121–133 (2018). https://doi.org/10.1016/j.engappai.2018.06.006CrossRef

31.

Meng, L., Ding, S., Zhang, N., Zhang, J.: Research of stacked denoising sparse autoencoder. Neural Comput. Appl. 30(7), 2083–2100 (2016). https://doi.org/10.1007/s00521-016-2790-xCrossRef

32.

Mohammadi, M., Das, S.: SNN: stacked neural networks. CoRR abs/1605.08512 (2016). http://arxiv.org/abs/1605.08512

33.

Onwuzurike, L., Mariconti, E., Andriotis, P., Cristofaro, E.D., Ross, G., Stringhini, G.: MaMaDroid: detecting android malware by building Markov chains of behavioral models (extended version). ACM Trans. Priv. Secur. 22(2), 1–34 (2019). https://doi.org/10.1145/3313391CrossRef

34.

Pan, S.J., Yang, Q.: A survey on transfer learning. IEEE Trans. Knowl. Data Eng. 22(10), 1345–1359 (2010). https://doi.org/10.1109/TKDE.2009.191CrossRef

35.

Perez, M., et al.: Video pornography detection through deep learning techniques and motion information. Neurocomputing 230, 279–293 (2017). https://doi.org/10.1016/j.neucom.2016.12.017CrossRef

36.

Ramesh, R.: Predictive analytics for banking user data using AWS machine learning cloud service. In: 2017 2nd International Conference on Computing and Communications Technologies (ICCCT), pp. 210–215 (2017). https://doi.org/10.1109/ICCCT2.2017.7972282

37.

Rifai, S., Vincent, P., Muller, X., Glorot, X., Bengio, Y.: Contractive auto-encoders: explicit invariance during feature extraction. In: Proceedings of the 28th International Conference on International Conference on Machine Learning, ICML’11, pp. 833–840. Omnipress, Madison (2011)

38.

Santacroce, M.L., Koranek, D., Jha, R.: Detecting malware code as video with compressed, time-distributed neural networks. IEEE Access 8, 132748–132760 (2020). https://doi.org/10.1109/ACCESS.2020.3010706CrossRef

39.

Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: “Andromaly’’: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38, 161–190 (2010). https://doi.org/10.1007/s10844-010-0148-xCrossRef

40.

Thies, J., Alimohammad, A.: Compact and low-power neural spike compression using undercomplete autoencoders. IEEE Trans. Neural Syst. Rehabil. Eng. 27(8), 1529–1538 (2019). https://doi.org/10.1109/TNSRE.2019.2929081CrossRef

41.

van der Maaten, L., Hinton, G.: Visualizing high-dimensional data using T-SNE. J. Mach. Learn. Res. 9(Nov), 2579–2605 (2008). pagination: 27

42.

Vincent, P., Larochelle, H., Bengio, Y., Manzagol, P.A.: Extracting and composing robust features with denoising autoencoders. Association for Computing Machinery, New York (2008). https://doi.org/10.1145/1390156.1390294

43.

Wattenberg, M., Viégas, F., Johnson, I.: How to use T-SNE effectively. Distill (2016). https://doi.org/10.23915/distill.00002. http://distill.pub/2016/misread-tsne

44.

WEKA: Weka 3 - data mining with open source machine learning software in java. https://www.cs.waikato.ac.nz/ml/weka/. Accessed 2020

45.

Werbos, P.J.: Backpropagation through time: what it does and how to do it. Proc. IEEE 78(10), 1550–1560 (1990). https://doi.org/10.1109/5.58337CrossRef

46.

Xie, N., Zeng, F., Qin, X., Zhang, Y., Zhou, M., Lv, C.: RepassDroid: automatic detection of android malware based on essential permissions and semantic features of sensitive APIs. In: 2018 International Symposium on Theoretical Aspects of Software Engineering (TASE), pp. 52–59 (2018). https://doi.org/10.1109/TASE.2018.00015

47.

Xu, X., Wu, X., Wang, G., Wang, H.: Violent video classification based on spatial-temporal cues using deep learning. In: 2018 11th International Symposium on Computational Intelligence and Design (ISCID), vol. 01, pp. 319–322 (2018). https://doi.org/10.1109/ISCID.2018.00079

48.

Xu, Z., Hu, J., Deng, W.: Recurrent convolutional neural network for video classification. In: 2016 IEEE International Conference on Multimedia and Expo (ICME), pp. 1–6 (2016). https://doi.org/10.1109/ICME.2016.7552971

49.

Ye, F., Chen, C., Zheng, Z.: Deep autoencoder-like nonnegative matrix factorization for community detection. In: CIKM ’18, pp. 1393–1402. Association for Computing Machinery, New York (2018). https://doi.org/10.1145/3269206.3271697

50.

Zhang, M., Duan, Y., Yin, H., Zhao, Z.: Semantics-aware android malware classification using weighted contextual API dependency graphs. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS ’14, pp. 1105–1116. Association for Computing Machinery, New York (2014). https://doi.org/10.1145/2660267.2660359

51.

Zhao, K., et al.: Research on video classification method of key pollution sources based on deep learning. J. Visual Commun. Image Represent. 59, 283 – 291 (2019). https://doi.org/10.1016/j.jvcir.2019.01.015. http://www.sciencedirect.com/science/article/pii/S1047320319300215

Titel: Effectiveness of Video-Classification in Android Malware Detection Through API-Streams and CNN-LSTM Autoencoders
verfasst von: Gianni D’Angelo
Francesco Palmieri
Antonio Robustelli
Verlag: Springer Nature Singapore
Buch: Mobile Internet Security
Print ISBN: 978-981-16-9575-9

Electronic ISBN: 978-981-16-9576-6

Copyright-Jahr: 2022
DOI: https://doi.org/10.1007/978-981-16-9576-6_13

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner