Droiddetector: android malware characterization and detection using deep learning

Yuan, Zhenlong; Lü, Yongqiang; Xue, Yibo

doi:10.1109/tst.2016.7399288

Cited by 383 publications

(172 citation statements)

References 24 publications

Supporting

Mentioning

158

Contrasting

Unclassified

Order By: Relevance

“…Droid-Sec Yuan et al (2014) is one of the first frameworks that applied deep learning to classify Android malware, achieving 96.5% accuracy using 200 features extracted by means of a hybrid (static + dynamic) approach evaluated on 250 clean and 250 malware Android apps. Droid-Sec was a preliminary work for DroidDetector Yuan et al (2016) , where the authors increased the number of the analysed apps to 20,0 0 0 clean and 1760 malware and achieved 96.76% accuracy. Hou et al (2016) proposed Deep4MalDroid , an automatic Android malware detection system, which will dynamically extract Linux kernel system calls using Genymotion emulator.…”

Section: Related Workmentioning

confidence: 99%

“…2 , we can conclude that DL-Droid with stateful input generation (our initially proposed approach) achieves the best detection accuracy. ( Yuan et al, 2016 ) in all other metrics, while utilizing more samples for the experiments. DL-Droid also outperforms Maldozer ( Karbab et al, 2017 ), Deep4MalDroid ( Hou et al, 2016 ), AutoDroid ( Hou et al, 2017 ) and the CNN approach presented in ( McLaughlin et al, 2017 ).…”

Section: Comparison Of the Performance Of The Deep Learning Classifiementioning

confidence: 99%

See 1 more Smart Citation

DL-Droid: Deep learning based android malware detection using real devices

Alzaylaee

Yerima

Sezer

2020

Computers & Security

314

141

View full text Add to dashboard Cite

a b s t r a c tThe Android operating system has been the most popular for smartphones and tablets since 2012. This popularity has led to a rapid raise of Android malware in recent years. The sophistication of Android malware obfuscation and detection avoidance methods have significantly improved, making many traditional malware detection methods obsolete. In this paper, we propose DL-Droid, a deep learning system to detect malicious Android applications through dynamic analysis using stateful input generation. Experiments performed with over 30,0 0 0 applications (benign and malware) on real devices are presented. Furthermore, experiments were also conducted to compare the detection performance and code coverage of the stateful input generation method with the commonly used stateless approach using the deep learning system. Our study reveals that DL-Droid can achieve up to 97.8% detection rate (with dynamic features only) and 99.6% detection rate (with dynamic + static features) respectively which outperforms traditional machine learning techniques. Furthermore, the results highlight the significance of enhanced input generation for dynamic analysis as DL-Droid with the state-based input generation is shown to outperform the existing state-of-the-art approaches.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Comparison Of the Performance Of The Deep Learning Classifiementioning

confidence: 99%

DL-Droid: Deep learning based android malware detection using real devices

Alzaylaee

Yerima

Sezer

2020

Computers & Security

314

141

View full text Add to dashboard Cite

show abstract

“…AutoMal additionally empowers unsupervised learning, by executing various bunching calculations for tests gathering. An assessment of both AutoMal and MaLabel in view of medium-scale [40] presented a deep learning method to connect the components from the static investigation with elements from the dynamic investigation of Android applications. In addition, they actualized an Android malware detection engine based on the deep-learning method (DroidDetector) that can consequently distinguish whether a file has a malicious behavior or not.…”

Section: Review Of the Selected Behavior-based Approachesmentioning

confidence: 99%

A state-of-the-art survey of malware detection approaches using data mining techniques

Souri

Hosseini

2018

Hum. Cent. Comput. Inf. Sci.

304

166

View full text Add to dashboard Cite

Data mining techniques have been concentrated for malware detection in the recent decade. The battle between security analyzers and malware scholars is everlasting as innovation grows. The proposed methodologies are not adequate while evolutionary and complex nature of malware is changing quickly and therefore turn out to be harder to recognize. This paper presents a systematic and detailed survey of the malware detection mechanisms using data mining techniques. In addition, it classifies the malware detection approaches in two main categories including signature-based methods and behavior-based detection. The main contributions of this paper are: (1) providing a summary of the current challenges related to the malware detection approaches in data mining, (2) presenting a systematic and categorized overview of the current approaches to machine learning mechanisms, (3) exploring the structure of the significant methods in the malware detection approach and (4) discussing the important factors of classification malware approaches in the data mining. The detection approaches have been compared with each other according to their importance factors. The advantages and disadvantages of them were discussed in terms of data mining models, their evaluation method and their proficiency. This survey helps researchers to have a general comprehension of the malware detection field and for specialists to do consequent examinations.

show abstract

“…Then, it performed dynamic analysis to log actions especially those based on native API calls. DroidDetector [15] extracted 192 features from both static and dynamic analyses including required permissions, sensitive API, and dynamic behaviors emulated using DroidBox and then detected malware using a DNN-based deep learning model. Marvin [16] collected requested permissions, components, SDK version, and a complete list of available Java methods during static analysis.…”

Section: Detection Using Hybridmentioning

confidence: 99%

Mlifdect: Android Malware Detection Based on Parallel Machine Learning and Information Fusion

Wang

Zhang

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

In recent years, Android malware has continued to grow at an alarming rate. More recent malicious apps' employing highly sophisticated detection avoidance techniques makes the traditional machine learning based malware detection methods far less effective. More specifically, they cannot cope with various types of Android malware and have limitation in detection by utilizing a single classification algorithm. To address this limitation, we propose a novel approach in this paper that leverages parallel machine learning and information fusion techniques for better Android malware detection, which is named Mlifdect. To implement this approach, we first extract eight types of features from static analysis on Android apps and build two kinds of feature sets after feature selection. Then, a parallel machine learning detection model is developed for speeding up the process of classification. Finally, we investigate the probability analysis based and Dempster-Shafer theory based information fusion approaches which can effectively obtain the detection results. To validate our method, other state-of-the-art detection works are selected for comparison with real-world Android apps. The experimental results demonstrate that Mlifdect is capable of achieving higher detection accuracy as well as a remarkable run-time efficiency compared to the existing malware detection solutions.

show abstract

Droiddetector: android malware characterization and detection using deep learning

Cited by 383 publications

References 24 publications

DL-Droid: Deep learning based android malware detection using real devices

DL-Droid: Deep learning based android malware detection using real devices

A state-of-the-art survey of malware detection approaches using data mining techniques

Mlifdect: Android Malware Detection Based on Parallel Machine Learning and Information Fusion

Contact Info

Product

Resources

About