DroidMalwareDetector: A novel Android malware detection framework based on convolutional neural network

Abstract

Smartphones have become an integral part of our daily lives thanks to numerous reasons. While benefitting from what they offer, it is critical to be aware of the existence of malware in the Android ecosystem and be away from them. To this end, an end-to-end and highly effective Android malware detection framework based on CNN, namely, DroidMalwareDetector, was proposed within this study. Unlike most of the related work, DroidMalwareDetector was specifically designed to (i) automate feature extraction and selection, (ii) propose a novel CNN that operates with 1-dimensional data, and (iii) use intents and API calls alongside the widely used permissions to perform comprehensive malware analysis. The proposed framework was trained and evaluated on the constructed dataset, which consisted of 14,386 apps from the de-facto standard datasets. The proposed framework’s efficiency in terms of distinguishing malware from benign apps was revealed thanks to the conducted experiments. According to the experimental result, the accuracy of the proposed framework was calculated as high as 0.9, which was higher than the accuracy values obtained from a wide range of machine learning algorithms. The insights which were gained through the conducted experiments were revealed as another contribution to the research field.