FCSCNN: Feature centralized Siamese CNN-based android malware identification

Malware has been a serious threat to Android security since its inception. The key to defending against malware threats is how to extract the discriminative features of the apps and identify the samples. In order to alleviate the problem, a Siamese network is proposed to achieve high-performance Android malware detection. Meanwhile, a feature grouping (FG) strategy is also designed to choose valuable Permission and API calls effectively. In order to further improve the detection speed, a Feature Centralized Siamese Convolutional Neural Network (FCSCNN) is proposed, the benign and malicious mean centers are calculated from the sample database at first. Then, the distances between the application and the two centers are calculated to determine the class. Sufficient experimental results demonstrate that the proposed method FCSCNN can achieve the accuracy of 98.07% on the public dataset “VirusShare”, and the detection time is less than 0.1 s.