http://dx.doi.org/10.9717/kmms.2020.23.5.641

A Study on Detection of Malicious Android Apps based on LSTM and Information Gain  

Ahn, Yulim (Dept. of Information Security, Seoul Women's University)
Hong, Seungah (Dept. of Information Security, Seoul Women's University)
Kim, Jiyeon (Center for Software Educational Innovation, Right AI with Security & Ethics Research Center, Seoul Women's University)
Choi, Eunjung (Dept. of Information Security, Right AI with Security & Ethics Research Center, Seoul Women's University)
Abstract
As the use of mobile devices increases sharply, malicious mobile apps (applications) that target mobile users are also increasing. It is challenging to detect these malicious apps using traditional malware detection techniques because of the intelligence of today's attack mechanisms. Deep learning (DL) is an alternative to traditional signature-based and rule-based anomaly detection techniques and has thus been actively used in numerous recent studies on malware detection. To develop DL-based defense mechanisms against intelligent malicious apps, it is important to feed recent datasets into DL models. In this paper, we develop a DL-based model for detecting intelligent malicious apps using KU-CISC 2018-Android, the most up-to-date dataset consisting of benign and malicious Android apps. This dataset has hardly been addressed in other studies so far. We extract opcode sequences from the Android apps and preprocess them using an N-gram model. We then feed the preprocessed data into an LSTM and apply the concept of Information Gain to improve the performance of malicious app detection. Furthermore, we evaluate our model under numerous scenarios to verify the model's design and performance.
Keywords
Mobile Malicious Apps; Android Malware; Deep Learning; Long Short-term Memory; Information Gain; Shannon Entropy;
Citations & Related Records
Times Cited By KSCI: 2