Integrity verification and behavioral classification of a large dataset applications pertaining smart OS via blockchain and generative models

Abstract

AbstractMalware analysis and detection over the Android have been the focus of considerable research, during recent years, as customer adoption of Android attracted a corresponding number of malware writers. Antivirus companies commonly rely on signatures and are error‐prone. Traditional machine learning techniques are based on static, dynamic, and hybrid analysis; however, for large scale Android malware analysis, these approaches are not feasible. Deep neural architectures are able to analyze large scale static details of the applications, but static analysis techniques can ignore many malicious behaviors of applications. The study contributes to the documentation of various approaches for detection of malware, traditional and state‐of‐the‐art models, developed for analysis that facilitates the provision of basic insights for researchers working in malware analysis, and the study also provides a dynamic approach that employs deep neural network models for detection of malware. Moreover, the study uses Android permissions as a parameter to measure the dynamic behavior of around 16,900 benign and intruded applications. A dataset is created which encompasses a large set of permissions‐based dynamic behavior pertaining applications, with an aim to train deep learning models for prediction of behavior. The proposed architecture extracts representations from input sequence data with no human intervention. The state‐of‐the‐art Deep Convolutional Generative Adversarial Network extracted deep features and accomplished a general validation accuracy of 97.08% with an F1‐score of 0.973 in correctly classifying input. Furthermore, the concept of blockchain is utilized to preserve the integrity of the dataset and the results of the analysis.