Abstract
Because of the explosive growth of Android malware and due to the severity of its damages, the detection of Android malware has become an increasing important topic in cybersecurity. Currently, the major defense against Android malware is commercial mobile security products which mainly use signature-based method for detection. However, attackers can easily devise methods, such as obfuscation and repackaging, to evade the detection, which calls for new defensive techniques that are harder to evade. In this paper, resting on the analysis of Application Programming Interface (API) calls extracted from the smali files, we further categorize the API calls which belong to the some method in the smali code into a block. Based on the generated API call blocks, we then explore deep neural networks (i.e., Deep Belief Network (DBN) and Stacked AutoEncoders (SAEs)) for newly unknown Android malware detection. Using a real sample collection from Comodo Cloud Security Center, a comprehensive experimental study is performed to compare various malware detection approaches. The experimental results demonstrate that (1) our proposed feature extraction method (i.e., using API call blocks) outperforms using API calls directly in Android malware detection; (2) DBN works better than SAEs in this application; and (3) the detection performance of deep neural networks is better than shallow learning architectures.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
