Malware Detection Method Based on CNN

Abstract

With the widespread use of smartphones, many malware attacks such as user’s private information is stolen or leaking have been proposed. Furthermore, the hacker can manipulate these smartphones to become a member of malicious attackers. Therefore, how to detect the malware application has become one of the most important issues. Until now, two detection methods (static analysis and dynamic analysis) were discussed. For the static analysis view, it observes the source code to determine whether it is a malware application. However, the source code will be processed (such as packing or confusion) before it is shared. Therefore, the static analysis method is not able to detect it because we cannot get the recover code correctly and completely. In order to overcome this disadvantage, a new detection method based on CNN (convolutional neural network) will be proposed in this paper. The major contribution of our proposed scheme is that we can decompress the APK (Android application package) file directly, to obtain the classes.dex file and then uses the training detection model to determine whether the input classes.dex is malicious code or not. Finally, according to the experiment results, our proposed scheme is available for all APKs with an accuracy rate is 94%.