Browse > Article
http://dx.doi.org/10.13089/JKIISC.2021.31.3.433

Customized Serverless Android Malware Analysis Using Transfer Learning-Based Adaptive Detection Techniques  

Shim, Hyunseok (Soongsil University)
Jung, Souhwan (Soongsil University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.31, no.3, 2021 , pp. 433-441 More about this Journal
Abstract
Android applications are released across various categories, including productivity apps and games, and users are exposed to various applications and even malware depending on their usage patterns. On the other hand, most analysis engines train using existing datasets and do not reflect user patterns even if periodic updates are made. Thus, the detection rate for known malware is high, while types of malware such as adware are difficult to detect. In addition, existing engines incur increased service provider costs due to the cost of server farm, and the user layer suffers from problems where availability and real-timeness are not guaranteed. To address these problems, we propose an analysis system that performs on-device malware detection through transfer learning, which requires only one-time communication with the server. In addition, The system has a complete process on the device, including decompiler, which can distribute the load of the server system. As an evaluation result, it shows 90.3% accuracy without transfer learning, while the model transferred with adware catergories shows 95.1% of accuracy, which is 4.8% higher compare to original model.
Keywords
Android malware; Transfer learning; On-device analyzer; Adaptive system;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Trend Micro, "Adware Campaign Identified From 182 Game and Camera Apps on Google Play and Third-Party Sto res Like 9Apps", https://blog.trendmicro.com/trendlabs-security-intelligence/adware-campaign-identified-from-182-game-and-camera-apps-on-google-play-and-third-party-stores-like-9apps/, last accessed Jan 2021.
2 Tasfia Shermin et al., "Enhanced Transfer Learning with ImageNet Trained Classification Layer," Pacific-Rim Symposium on Image and Video Technology, pp.142-155, 2019.
3 Jason Yosinski, Jeff Clune, Yoshua Bengio and Hod Lipson, "How transferable are features in deep neural networks?," Advances in Neural Information Processing Systems, pp.3320-3328, 2014.
4 W. Yuan, Y. Jiang, H. Li and M. Cai, "A Lightweight On-Device Detection Method for Android Malware," IEEE Transactions on Systems, Man, and Cybernetics: Systems, pp.1-12, 2019.
5 Ryszard Wisniewski, Connor Tumbleson, "APKtool", https://ibotpeaches.github.io/Apktool/install/, 2020, last accessed Jan 2021.
6 Steve Norum, "Toco", https://pypi.org/project/toco/, last accessed Feb 2021.
7 Hyunseok Shim and Souhwan Jung, "Semantic-aware Comment Analysis Approach for API Permission Mapping on Android," NLPIR 2020: Proceedings of the 4th International Conference on Natural Language Processing and Information Retrieval, pp.61-69, 2020.
8 Google Play, "Android distribution", https://developer.android.com/distribute/google-play, last accessed Jan 2021.
9 Google, "VirusTotal", https://www.virustotal.com/, last accessed Jan 2021.
10 Wei Fengguo, Li Yuping, Roy Sankardas, Ou Xinming and Zhou Wu, "Deep Ground Truth Analysis of Current Android Malware," International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp.252-276, 2017.
11 Ruitao Feng et al., "MobiDroid: A Performance-Sensitive Malware Detection System on Mobile Platform," 2019 24th International Conference on Engineering of Complex Computer Systems (ICECCS), pp.61-70, 2019.
12 J. Wang, Y. Chen, S. Hao, W. Feng and Z. Shen, "Balanced Distribution Adaptation for Transfer Learning," 2017 IEEE International Conference on Data Mining (ICDM), pp. 1129-1134, 2017.
13 Tensorflow lite, "Deploy machine learning models on mobile and IoT devices", https://www.tensorflow.org/lite, last accessed Feb 2021.
14 N. Peiravian and X. Zhu, "Machine Learning for Android Malware Detection Using Permission and API Calls", 2013 IEEE 25th International Conference on Tools with Artificial Intelligence, pp.300-305, 2013.
15 M. Backes, S. Bugiel, O. Schranz, P. Von Styp-Rekowsky and S. Weisgerber, "ARTist: The Android Runtime Instrumentation and Security Toolkit," 2017 IEEE European Symposium on Security and Privacy (EuroS&P), pp.481-495, 2017.
16 D. H. Wolpert and W. G. Macready, " No free lunch theorems for optimization," IEEE Transactions on Evolutionary Computation, vol.1, no.1, pp. 67-82, Apr, 1997.   DOI
17 Forbes, "Many Popular Android Apps Leak Sensitive Data, Leaving Millions Of Consumers At Risk", https://www.forbes.com/sites/ajdellinger/2019/06/07/many-popular-android-apps-leak-sensitive-data-leaving-millions-of-consumers-at-risk/#69643a7b521e, last accessed Jan 2021.