Abstract

Makers of malicious APKs (Android Application Packages) use techniques such as code obfuscation and code encryption to evade existing detection methods, which poses new challenges for accurate virus detection and makes malicious code increasingly difficult to detect. A report indicates that a new malicious app for Android is created every 10 seconds. To combat this serious malware activity, a scalable malware detection approach is needed, one that can identify malware apps effectively and efficiently. Common static detection methods often rely on hash matching and analysis of viruses, which cannot quickly detect new malicious Android applications and their variants. In this paper, a malicious Android application detection method is proposed, implemented by a deep network fusion model. The hybrid model only needs to use the sample training model to achieve high accuracy in identifying malicious applications, which makes it more suitable than existing methods for detecting new malicious Android applications. The method extracts the static features in the core code of the Android application by decompiling APK files, then performs code vectorization processing, and uses the deep learning network for classification and discrimination. Our experiments with a data set containing 10,170 apps show that the decisions from the hybrid model can increase the malware detection rate significantly on a real device, which verifies the superiority of this method in the detection of malicious code.

Highlights

  • Among all smartphone operating systems, Android has occupied over 85% of the market share

  • In order to verify that the evolution model proposed in this article has stronger detection capabilities than the other deep learning models that have been used for malware detection, this experiment uses the same batch of samples to compare our model with multiple deep learning models

  • CNN-LSTM is a hybrid model based on a convolutional neural network (CNN) and long short-term memory (LSTM), proposed by Wang [35]


Summary

Introduction

Among all smartphone operating systems, Android has occupied over 85% of the market share. The static analysis utilizes reverse-engineering techniques to analyze the source code of the Android application; it relies on semantic signatures and focuses on analyzing code snippets without executing them [6, 7]. It extracts the static features from the malicious apps, including all string constants [8] and URL addresses in the source code [9, 10], function names of all components in the source code [11], and any other static information, to determine whether an app exhibits malicious behavior. (2) This paper proposes a deep convolution model for Android malicious app detection using multiple receptive fields: DTCNN (Deep Text Convolutional Neural Networks).

Security and Communication Networks
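
The following is an added illustration, not code from the paper: it pulls the static features named above (string constants, URL addresses, function names) out of decompiled code and turns them into a fixed-length integer sequence of the kind a text classifier consumes. The smali input format, the regular expressions, the URL-to-host reduction and the vocabulary scheme are assumptions; the paper's own vectorization is not shown on this page.

```python
import re

# Constructed smali fragment standing in for decompiled APK output (not a real sample).
SAMPLE_SMALI = r'''
.method public onCreate(Landroid/os/Bundle;)V
    const-string v0, "http://updates.example.test/cfg?id=1"
    const-string v1, "android.permission.SEND_SMS"
    invoke-static {}, Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;
    invoke-virtual {v2, v1, v3, v0, v3, v3}, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V
    invoke-direct {p0}, Landroid/app/Activity;-><init>()V
.end method
'''

STRING_RE = re.compile(r'const-string(?:/jumbo)?\s+\w+,\s+"((?:[^"\\]|\\.)*)"')
INVOKE_RE = re.compile(r'invoke-[\w/]+\s+\{[^}]*\},\s+(L[^;]+;)->([\w$<>]+)\(')
URL_RE = re.compile(r'https?://[^\s"]+')

def extract_static_features(smali: str) -> dict:
    """Collect string constants, URLs and invoked method names without running the code."""
    strings = STRING_RE.findall(smali)
    urls = [u for s in strings for u in URL_RE.findall(s)]
    calls = [f"{cls}->{name}" for cls, name in INVOKE_RE.findall(smali)]
    return {"strings": strings, "urls": urls, "calls": calls}

def to_tokens(features: dict) -> list:
    """Flatten features into one token sequence; URLs are reduced to scheme://host (assumption)."""
    tokens = list(features["calls"])
    for s in features["strings"]:
        m = re.match(r'(https?://[^/\s?#]+)', s)
        tokens.append(m.group(1) if m else s)
    return tokens

def build_vocab(corpus: list) -> dict:
    """Assign ids from 2 upward in first-seen order across a list of token sequences."""
    vocab = {}
    for seq in corpus:
        for t in seq:
            vocab.setdefault(t, len(vocab) + 2)
    return vocab

def vectorize(tokens: list, vocab: dict, length: int = 8) -> list:
    """Map tokens to ids (0 = padding, 1 = unknown) and pad or truncate to a fixed length."""
    ids = [vocab.get(t, 1) for t in tokens[:length]]
    return ids + [0] * (length - len(ids))

if __name__ == "__main__":
    feats = extract_static_features(SAMPLE_SMALI)
    toks = to_tokens(feats)
    print(feats["urls"], vectorize(toks, build_vocab([toks])))
```

Because the extraction reads only literal text, strings that an obfuscator encrypts or builds at run time never appear in `strings`, which is the limitation of signature-style static matching that the abstract raises.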
