MemDroid - LSTM Based Malware Detection Framework for Android Devices

Abstract

Android smartphones are very popular today due to its versatile features and cost-effectiveness. The popularity of the gadget has attracted malware writers to target the device for spreading malicious software. A large number of malicious software is being introduced daily into the cyber space intended to attack various Android devices and versions. Detection and classification of Android malware is an important problem for researchers due to the severity of threat that the malware poses to the Android users and their information. In this paper, an Android malware detection framework based on Long Short-Term Memory is proposed. We use the relatively recent Android malware database Androzoo for training the LSTM network. The Android system call sequences for malicious software are traced and converted into feature set vector to model the classifier. The experiment is carried out for different sequence lengths to identify the optimum one in order to achieve the highest detection rate. The proposed framework generates an accuracy of 99.23% for detecting Android malware apps. The result obtained is very promising, compared to similar frameworks. Our research work reiterates that Deep Learning based classifiers are more suitable for malware detection than traditional Machine Learning based models.