Using Deep Neural Network for Android Malware Detection

The pervasiveness of the Android operating system, with the availability of applications almost for everything, is readily accessible in the official Google play store or a dozen alternative third-party markets. Additionally, the vital role of smartphones in modern life leads to store significant information on devices, not only personal information but also corporate information, which attract malware developers to develop applications that can infiltrate user's devices to steal information and perform harmful tasks. This accompanied with the limitation of currently defenses techniques such as ineffective screening in Google play store, weak or no screening in third-party markets. Antiviruses software that still relies on a signature-based database that is effective only in identifying known malware. To contrive with malicious applications that are increased in volume and sophistication, we propose an Android malware detection system that applies deep learning technique to face the threats of Android malware. Extensive experiments on a real-world dataset contain benign and malicious applications uncovered that the proposed system reaches an accuracy of 95.31%.Comment: 9 pages, 5 figures, 6 Table

Android Malware Detection Using Autoencoder

Smartphones have become an intrinsic part of human's life. The smartphone unifies diverse advanced characteristics. It enables users to store various data such as photos, health data, credential bank data, and personal information. The Android operating system is the prevalent mobile operating system and, in the meantime, the most targeted operating system by malware developers. Recently the unparalleled development of Android malware put pressure on researchers to propose effective methods to suppress the spread of the malware. In this paper, we propose a deep learning approach for Android malware detection. The proposed approach investigates five different feature sets and applies Autoencoder to identify malware. The experimental results show that the proposed approach can identify malware with high accuracy.Comment: 9 Pages, 4 Figures, 3 Table

Identification of Significant Permissions for Efficient Android Malware Detection

Since Google unveiled Android OS for smartphones, malware are thriving with 3Vs, i.e. volume, velocity, and variety. A recent report indicates that one out of every five business/industry mobile application leaks sensitive personal data. Traditional signature/heuristic-based malware detection systems are unable to cope up with current malware challenges and thus threaten the Android ecosystem. Therefore recently researchers have started exploring machine learning and deep learning based malware detection systems. In this paper, we performed a comprehensive feature analysis to identify the significant Android permissions and propose an efficient Android malware detection system using machine learning and deep neural network. We constructed a set of $16$ permissions ($8\%$ of the total set) derived from variance threshold, auto-encoders, and principal component analysis to build a malware detection engine that consumes less train and test time without significant compromise on the model accuracy. Our experimental results show that the Android malware detection model based on the random forest classifier is most balanced and achieves the highest area under curve score of $97.7\%$, which is better than the current state-of-art systems. We also observed that deep neural networks attain comparable accuracy to the baseline results but with a massive computational penalty.Comment: BROADNETS, 202

A Review on The Use of Deep Learning in Android Malware Detection

Android is the predominant mobile operating system for the past few years. The prevalence of devices that can be powered by Android magnetized not merely application developers but also malware developers with criminal intention to design and spread malicious applications that can affect the normal work of Android phones and tablets, steal personal information and credential data, or even worse lock the phone and ask for ransom. Researchers persistently devise countermeasures strategies to fight back malware. One of these strategies applied in the past five years is the use of deep learning methods in Android malware detection. This necessitates a review to inspect the accomplished work in order to know where the endeavors have been established, identify unresolved problems, and motivate future research directions. In this work, an extensive survey of static analysis, dynamic analysis, and hybrid analysis that utilized deep learning methods are reviewed with an elaborated discussion on their key concepts, contributions, and limitations.Comment: 15 pages, 4 table

Detection of Malicious Android Applications: Classical Machine Learning vs. Deep Neural Network Integrated with Clustering

Today anti-malware community is facing challenges due to the ever-increasing sophistication and volume of malware attacks developed by adversaries. Traditional malware detection mechanisms are not able to cope-up with next-generation malware attacks. Therefore in this paper, we propose effective and efficient Android malware detection models based on machine learning and deep learning integrated with clustering. We performed a comprehensive study of different feature reduction, classification and clustering algorithms over various performance metrics to construct the Android malware detection models. Our experimental results show that malware detection models developed using Random Forest eclipsed deep neural network and other classifiers on the majority of performance metrics. The baseline Random Forest model without any feature reduction achieved the highest AUC of 99.4%. Also, the segregating of vector space using clustering integrated with Random Forest further boosted the AUC to 99.6% in one cluster and direct detection of Android malware in another cluster, thus reducing the curse of dimensionality. Additionally, we found that feature reduction in detection models does improve the model efficiency (training and testing time) many folds without much penalty on the effectiveness of the detection model.Comment: BROADNETS, 202

Collective Intelligence: Decentralized Learning for Android Malware Detection in IoT with Blockchain

The widespread significance of Android IoT devices is due to its flexibility and hardware support features which revolutionized the digital world by introducing exciting applications almost in all walks of daily life, such as healthcare, smart cities, smart environments, safety, remote sensing, and many more. Such versatile applicability gives incentive for more malware attacks. In this paper, we propose a framework which continuously aggregates multiple user trained models on non-overlapping data into single model. Specifically for malware detection task, (i) we propose a novel user (local) neural network (LNN) which trains on local distribution and (ii) then to assure the model authenticity and quality, we propose a novel smart contract which enable aggregation process over blokchain platform. The LNN model analyzes various static and dynamic features of both malware and benign whereas the smart contract verifies the malicious applications both for uploading and downloading processes in the network using stored aggregated features of local models. In this way, the proposed model not only improves malware detection accuracy using decentralized model network but also model efficacy with blockchain. We evaluate our approach with three state-of-the-art models and performed deep analyses of extracted features of the relative model