Browse > Article
http://dx.doi.org/10.3837/tiis.2021.06.014

LSTM Android Malicious Behavior Analysis Based on Feature Weighting  

Yang, Qing (School of Computer Science and Information Engineering, Guangzhou Maritime University)
Wang, Xiaoliang (Hunan University of Science and Technology)
Zheng, Jing (Hunan University of Science and Technology)
Ge, Wenqi (Hunan University of Science and Technology)
Bai, Ming (School of Computer Science and Information Engineering, Guangzhou Maritime University)
Jiang, Frank (Hunan University of Science and Technology)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.15, no.6, 2021 , pp. 2188-2203 More about this Journal
Abstract
With the rapid development of mobile Internet, smart phones have been widely popularized, among which Android platform dominates. Due to it is open source, malware on the Android platform is rampant. In order to improve the efficiency of malware detection, this paper proposes deep learning Android malicious detection system based on behavior features. First of all, the detection system adopts the static analysis method to extract different types of behavior features from Android applications, and extract sensitive behavior features through Term frequency-inverse Document Frequency algorithm for each extracted behavior feature to construct detection features through unified abstract expression. Secondly, Long Short-Term Memory neural network model is established to select and learn from the extracted attributes and the learned attributes are used to detect Android malicious applications, Analysis and further optimization of the application behavior parameters, so as to build a deep learning Android malicious detection method based on feature analysis. We use different types of features to evaluate our method and compare it with various machine learning-based methods. Study shows that it outperforms most existing machine learning based approaches and detects 95.31% of the malware.
Keywords
Android Security; Deep Learning; LSTM; Static Analysis; TF-IDF;
Citations & Related Records
연도 인용수 순위
  • Reference
1 W. Enck, P. Gilbert and B. G. Chun, "TaintDroid: an information flow tracking system for realtime privacy monitoring on smartphones," Communications of the ACM, vol. 57, no. 3, pp. 99-106, 2014.   DOI
2 Y. Zhang, Y. Yang and X. Wang, "A novel android malware detection approach based on convolutional neural network," in Proc. of the 2nd International Conference on Cryptography, Security and Privacy, pp. 144-149, Mar. 2018.
3 G. Lin, W. Xiao, J. Zhang and Y. Xiang, "Deep Learning-Based Vulnerable Function Detection: A Benchmark," in Proc. of International Conference on Information and Communications Security, vol.11999, pp. 219-232, 2020.
4 S. Karina, P. Charles and L. Marc, "Android application classification and anomaly detection with graph-based permission patterns," Decision Support Systems, vol. 93, pp. 62-76, 2017.   DOI
5 H. Zhu, Z. You, Z. Zhu, W. Shi, X. Chen and L. Cheng, "DroidDet: effective and robust detection of android malware using static analysis along with rotation forest model," Neurocomputing, vol. 272, pp. 638-646, 2018.   DOI
6 G. He, B. Xu and H. Zhu, "AppFA: A Novel Approach to Detect Malicious Android Applications on the Networ," Security and Communication Networks, vol. 2018, pp. 1-15, Apr., 2018.
7 D. Gianluca, M. Fabio, M. Ilaria, P. Marinella, A. Saracino and D. Sgandurra, "Risk analysis of Android applications: A user-centric solution," Future Generation Computer Systems, Mar., vol. 80, pp. 505-518, 2018.   DOI
8 R. Sato, D. Chiba and S. Goto, "Detecting Android malware by analyzing manifest files," in Proc. of the Asia-Pacific advanced network, vol. 36, pp. 23-31, 2013.   DOI
9 EGHAM. Gartner says worldwide sales of smartphones recorded 1st ever decline during the 4th quarter of 2017.
10 D. Kim, G. Shin and M. Han, "Analysis of feature importance and interpretation for malware classification," Computers, Materials & Continua, vol. 65, no. 3, pp. 1891-1904, 2020.   DOI
11 F. Ali, B. A. Nor, S. Rosli and W. A. W. Ainuddin, "A review on feature selection in mobile malware detection," Digital investigation, vol. 13, pp. 22-37, June, 2015.   DOI
12 K. Lim, N. Kim Y and Y. Jeong, "Protecting android applications with multiple DEX files against static reverse engineering attacks," Intelligent Automation & Soft Computing, vol. 25, no.1, pp. 143-153, 2019.
13 Z. Wang, Y. Tang, J. Yao, R. Qian, Z. Zhang and P. Ma, "Large-scale Malware Automatic Detection Based On Multiclass Features and Machine Learnin," in Proc. of the 2nd International Conference on Computer Science and Application Engineering, New York, NY, USA, pp. 1-5, Oct., 2018.
14 I. R. A. Hamid, S. Subramaniam and Z. Abdullah, "Classification of Polymorphic Virus Based on Integrated Features," International Journal on Advanced Science, Engineering and Information Technology, vol. 8, no. 6, pp. 2577-2583, 2018.   DOI
15 A. Kelec and Z. Djuric, "A proposal for addressing security issues related to dynamic code loading on android platform," Computer Systems Science and Engineering, vol. 35, no.4, pp. 271-282, 2020.   DOI
16 W. Liang, D. Zhang and X. Lei, "Circuit Copyright Blockchain: Blockchain-based Homomorphic Encryption for IP Circuit Protection," IEEE Transactions on Emerging Topics in Computing, pp. 1-1, 2020.
17 W. Liang, L. Xiao and K. Zhang, "Data Fusion Approach for Collaborative Anomaly Intrusion Detection in Blockchain-based Systems," IEEE Internet of Things Journal, pp. 1-1, 2021.
18 A. Sadeghi, H. Bagheri and J. Garcia, "A taxonomy and qualitative comparison of program analysis techniques for security assessment of android software," IEEE Transactions on Software Engineering vol. 43, no. 6, pp. 492-530, 2016.   DOI
19 A. Zulkifli, I. R. A. Hamid, W. M. Shah and Z. Adbullah, "Android malware detection based on network traffic using decision tree algorithm," in Proc. of International Conference on Soft Computing and Data Mining, Springer, Cham, Jan., vol.700, pp. 485-494, 2018.
20 P. Vinod, Z. Akka and M. Conti, "A machine learning based approach to detect malicious android apps using discriminant system calls," Future Generation Computer Systems, vol. 94, pp. 333-350, 2019.   DOI
21 W. Liang, S. Xie and D. Zhang, "A mutual security authentication method for RFID-PUF circuit based on deep learning," ACM Transactions on Internet Technology, pp. 1-20, 2020.
22 Z. U. Rehman, S. N. Khan and K. Muhammad, "Machine learning-assisted signature and heuristic-based detection of malwares in Android devices," Computers & Electrical Engineering, vol. 69, pp. 828-841, 2018.   DOI
23 K. A. Talha, D. I. Alper and C. Aydin, "APK Auditor: Permission-based Android malware detection system," Digital Investigation, vol. 13, pp. 1-14, 2015.   DOI
24 A. Shabtai, U. Kanonov and Y. Elovici, "Andromaly: a behavioral malware detection framework for android devices," Journal of Intelligent Information Systems, vol. 38, no. 1, pp. 161-190, 2012.   DOI
25 C. Hasegawa and H. Iyatomi, "One-dimensional convolutional neural networks for Android malware detection," in Proc. of 2018 IEEE 14th International Colloquium on Signal Processing & Its Applications (CSPA), pp. 99-102, 2018.
26 H. Sepp and S. Jurgen, "Long short-term memory," Neural Computation, vol. 9, no.8, pp. 1735-1780, 1997   DOI
27 J. Milosevic, A. Ferrante and M. Malek, "MalAware: Effective and Efficient Run-Time Mobile Malware Detector," in Proc. of 2016 IEEE 14th Intl Conf on Dependable, Autonomic and Secure Computing, 14th Intl Conf on Pervasive Intelligence and Computing, 2nd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech), pp. 270-277, 2016.
28 Y. Li, G. Xu, H. Xian, L. Rao and J. Shi, "Novel android malware detection method based on multi-dimensional hybrid features extraction and analysis," Intelligent Automation & Soft Computing, vol. 25, no.3, pp. 637-647, 2019.
29 J. Liu, Y. Zeng, J. Shi and Y. Yang, "Maldetect: a structure of encrypted malware traffic detection," Computers, Materials & Continua, vol. 60, no. 2, pp. 721-739, 2019.   DOI
30 Y. Zhang, Y. Yang and X. Wang, "A novel android malware detection approach based on convolutional neural network," in Proc. of the 2nd International Conference on Cryptography, Security and Privacy, New York, NY, USA, pp. 144-149, 2018.