TY - GEN
T1 - Detecting android malware based on dynamic feature sequence and attention mechanism
AU - Long, Hanlin
AU - Tian, Zhicheng
AU - Liu, Yang
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/1/8
Y1 - 2021/1/8
N2 - The mechanism of running software on virtual machines partly ensures the security of Android system. However, with all kinds of malicious codes being developed, there has been a huge number of massive security incidents caused by malware on Android. Malware has various code patterns, but their behaviors are measurable. In this paper, a new method of detecting Android malware by analyzing malware's behaviors is proposed. The method is characterized by the ability to mine the contextual relationships between system calls and network activities. Besides, the method requires only a small data set to achieve good classification performance. We propose a set of methods for automatically collecting and organizing dynamic features from Android application Based on the collected features, deep neural network is used to classify software samples. We validate the effectiveness of the proposed method on a set of 2210 applications obtained from Androzoo. The experimental results demonstrate that the proposed method has high detection accuracy against wild malware as compared with other methods. We propose a set of methods for automatically collecting and organizing dynamic features from Android application Based on the collected features, deep neural network is used to classify software samples. We validate the effectiveness of the proposed method on a set of 2210 applications obtained from Androzoo. The experimental results demonstrate that the proposed method has high detection accuracy against wild malware as compared with other methods.
AB - The mechanism of running software on virtual machines partly ensures the security of Android system. However, with all kinds of malicious codes being developed, there has been a huge number of massive security incidents caused by malware on Android. Malware has various code patterns, but their behaviors are measurable. In this paper, a new method of detecting Android malware by analyzing malware's behaviors is proposed. The method is characterized by the ability to mine the contextual relationships between system calls and network activities. Besides, the method requires only a small data set to achieve good classification performance. We propose a set of methods for automatically collecting and organizing dynamic features from Android application Based on the collected features, deep neural network is used to classify software samples. We validate the effectiveness of the proposed method on a set of 2210 applications obtained from Androzoo. The experimental results demonstrate that the proposed method has high detection accuracy against wild malware as compared with other methods. We propose a set of methods for automatically collecting and organizing dynamic features from Android application Based on the collected features, deep neural network is used to classify software samples. We validate the effectiveness of the proposed method on a set of 2210 applications obtained from Androzoo. The experimental results demonstrate that the proposed method has high detection accuracy against wild malware as compared with other methods.
KW - Android System
KW - Attention Mechanism
KW - Dynamic Features
KW - Malware Detection
KW - Transformer Structure
UR - https://www.scopus.com/pages/publications/85102492990
U2 - 10.1109/CSP51677.2021.9357569
DO - 10.1109/CSP51677.2021.9357569
M3 - 会议稿件
AN - SCOPUS:85102492990
T3 - 2021 IEEE 5th International Conference on Cryptography, Security and Privacy, CSP 2021
SP - 129
EP - 133
BT - 2021 IEEE 5th International Conference on Cryptography, Security and Privacy, CSP 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 5th IEEE International Conference on Cryptography, Security and Privacy, CSP 2021
Y2 - 8 January 2021 through 10 January 2021
ER -