An Android Malware Detection Method Based on Deep AutoEncoder

He, Nengqiang; Wang, Tianqi; Chen, Ping-Yang; Yan, Haowen; Jin, Zhengping

doi:10.1145/3299819.3299834

Cited by 15 publications

(5 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It designs a specific autoencoder structure that reduces the dimension of API feature vectors extracted and transformed from APK, and uses a logistic regression model for binary classification. The experimental results show that the detection method has the best effect when the weight ratio between benign training samples and malicious training samples is 1:4 on the data set composed of 5000 benign samples and 1200 malicious samples, and the recall rate and F1 value can reach 93% and 64.3% respectively [27].…”

Section: A Malware Detection Using Deep Learning Based On Static Anamentioning

confidence: 98%

“…In contrast, the adjustment of artificial super parameters takes much time. In [17] [27], the deep automatic encoder is used as the deep neural network's pre-training method to reduce the original feature vector's dimension and shorten the training time. In [16] [17] [25], it has processed the features, in [16], it uses the existing or similarity-based feature extraction method to improve the static features, to achieve the effective feature representation in malware detection.…”

Section: Research Status Analysismentioning

confidence: 99%

“…The limitation of this model is that it cannot be resistant to obfuscating techniques. In [27], the proposed method uses DAE to reduce the API feature vector's dimension and uses logistic regression binary classification model to detect malware. Using other deep learning models instead of logistic regression classification model may improve the detection accuracy.…”

Section: Research Status Analysismentioning

confidence: 99%

See 2 more Smart Citations

Review of Android Malware Detection Based on Deep Learning

2020

View full text Add to dashboard Cite

At present, smartphones running the Android operating system have occupied the leading market share. However, due to the Android operating system's open-source nature, Android malware has increased dramatically. Malware can steal user privacy and even maliciously charge fees and steal funds. It has posed a severe threat to cyberspace security because traditional detection methods have many limitations. With the widespread application of deep learning in recent years, the method of detecting Android malware using deep learning has gradually attracted widespread attention from scholars at home and abroad. Although scholars have researched Android malware detection using deep learning, there is currently a lack of a detailed and comprehensive introduction to malware detection's latest research results based on deep learning. In order to solve this problem, this study analyzes and summarizes the latest research results by investigating a large number of the latest domestic and international academic papers, summarizing malware detection architecture and detection schemes, and analyzing existing problems and challenges. This review will help researchers better understand the research status and future research directions in this field. INDEX TERMS Android, malware, deep learning, review.

show abstract

Section: A Malware Detection Using Deep Learning Based On Static Anamentioning

confidence: 98%

Section: Research Status Analysismentioning

confidence: 99%

Section: Research Status Analysismentioning

confidence: 99%

See 1 more Smart Citation

Review of Android Malware Detection Based on Deep Learning

2020

View full text Add to dashboard Cite

show abstract

“…Their ability to detect anomalies without labeled data is advantageous for identifying new malware variants. Traditional machine learning algorithms, like Decision Trees, offer superior interpretability and computational efficiency but rely on manual feature engineering and have limitations in anomaly detection [19]. Deep learning approaches, such as Convolutional Neural Networks (CNNs) and Recurrent Neural Networks (RNNs), excel in spatial and temporal contexts but require large labeled datasets and can be computationally intensive.…”

Section: Deep Autoencodermentioning

confidence: 99%

Deep learning-powered malware detection in cyberspace: a contemporary review

Redhu,

Choudhary,

Srinivasan

et al. 2024

Front. Phys.

View full text Add to dashboard Cite

This article explores deep learning models in the field of malware detection in cyberspace, aiming to provide insights into their relevance and contributions. The primary objective of the study is to investigate the practical applications and effectiveness of deep learning models in detecting malware. By carefully analyzing the characteristics of malware samples, these models gain the ability to accurately categorize them into distinct families or types, enabling security researchers to swiftly identify and counter emerging threats. The PRISMA 2020 guidelines were used for paper selection and the time range of review study is January 2015 to Dec 2023. In the review, various deep learning models such as Recurrent Neural Networks, Deep Autoencoders, LSTM, Deep Neural Networks, Deep Belief Networks, Deep Convolutional Neural Networks, Deep Generative Models, Deep Boltzmann Machines, Deep Reinforcement Learning, Extreme Learning Machine, and others are thoroughly evaluated. It highlights their individual strengths and real-world applications in the domain of malware detection in cyberspace. The review also emphasizes that deep learning algorithms consistently demonstrate exceptional performance, exhibiting high accuracy and low false positive rates in real-world scenarios. Thus, this article aims to contribute to a better understanding of the capabilities and potential of deep learning models in enhancing cybersecurity efforts.

show abstract

“…The aforementioned features can be represented in different forms: the vectorized representation and the graph-based representation. Features such as permissions or API calls [57]- [64], raw [65], [66] or processed [67] opcode sequences, and dynamic behaviors [68], [69] are mainly represented as vectors. Other graph-based features such as control flow graphs [70], [71] and data flow graphs [72] can be directly fed to DL models (e.g., Graph Convolutional Network [73], [74]) or embedded into vectors by graph embedding techniques (e.g., Graph2vec [75]).…”

Section: A Representation Learningmentioning

confidence: 99%

DexBERT: Effective, Task-Agnostic and Fine-Grained Representation Learning of Android Bytecode

Sun,

Allix,

Kim

et al. 2023

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

The automation of an increasingly large number of software engineering tasks is becoming possible thanks to Machine Learning (ML). One foundational building block in the application of ML to software artifacts is the representation of these artifacts (e.g., source code or executable code) into a form that is suitable for learning. Traditionally, researchers and practitioners have relied on manually selected features, based on expert knowledge, for the task at hand. Such knowledge is sometimes imprecise and generally incomplete. To overcome this limitation, many studies have leveraged representation learning, delegating to ML itself the job of automatically devising suitable representations and selections of the most relevant features. Yet, in the context of Android problems, existing models are either limited to coarse-grained whole-app level (e.g., apk2vec) or conducted for one specific downstream task (e.g., smali2vec). Thus, the produced representation may turn out to be unsuitable for fine-grained tasks or cannot generalize beyond the task that they have been trained on. Our work is part of a new line of research that investigates effective, task-agnostic, and fine-grained universal representations of bytecode to mitigate both of these two limitations. Such representations aim to capture information relevant to various low-level downstream tasks (e.g., at the class-level). We are inspired by the field of Natural Language Processing, where the problem of universal representation was addressed by building Universal Language Models, such as BERT, whose goal is to capture abstract semantic information about sentences, in a way that is reusable for a variety of tasks. We propose DexBERT, a BERT-like Language Model dedicated to representing chunks of DEX bytecode, the main binary format used in Android applications. We empirically assess whether DexBERT is able to model the DEX language and evaluate the suitability of our model in three distinct classlevel software engineering tasks: Malicious Code Localization, Defect Prediction, and Component Type Classification. We also experiment with strategies to deal with the problem of catering to apps having vastly different sizes, and we demonstrate one example of using our technique to investigate what information is relevant to a given task.

show abstract

An Android Malware Detection Method Based on Deep AutoEncoder

Cited by 15 publications

References 13 publications

Review of Android Malware Detection Based on Deep Learning

Review of Android Malware Detection Based on Deep Learning

Deep learning-powered malware detection in cyberspace: a contemporary review

DexBERT: Effective, Task-Agnostic and Fine-Grained Representation Learning of Android Bytecode

Contact Info

Product

Resources

About