API Sequences Based Malware Detection for Android

Zhu, Jiawei; Wu, Zhengang; Guan, Zhi; Chen, Zhong

doi:10.1109/uic-atc-scalcom-cbdcom-iop.2015.135

Cited by 14 publications

(11 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Detecting Android malware uses techniques in two categories, either static analysis, with no code execution, or dynamic analysis, with an app executed in real-time and its behaviour studied. Traditional ML algorithms were adopted in early work, including SVMs [7], [8], [9], naive Bayes [10], kNN, k-means clustering [11], [12] and decision trees [10], [13], [14], [15], [16]. Such methods tend to have hand-crafted, manual rankings or selections of input features [10], [15], [17], [18].…”

Section: Related Work a Traditional ML Android Malware Detection Tech...mentioning

confidence: 99%

Multi-view deep learning for zero-day Android malware detection

Millar

McLaughlin

Rincón

et al. 2021

Journal of Information Security and Applications

View full text Add to dashboard Cite

Section: Related Work a Traditional ML Android Malware Detection Tech...mentioning

confidence: 99%

Multi-view deep learning for zero-day Android malware detection

Millar

McLaughlin

Rincón

et al. 2021

Journal of Information Security and Applications

View full text Add to dashboard Cite

“…1) Android Malware Detection: Early research on Android malware detection incorporates traditional machine learning approaches such as k nearest neighbors (kNN) [35], [42], [32], support vector machine (SVM) [55], [47] or Decision trees [18], [52] with manually selected features such as system calls [12], [13], permissions [39], embedded strings [10], APIs [42], [31], [53], and communication intents [48]. Later research tends to focus on deep learning algorithms and automatic feature engineering for Android malware detection.…”

Section: Related Workmentioning

confidence: 99%

Differential Training: A Generic Framework to Reduce Label Noises for Android Malware Detection

Deng

2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

A common problem in machine learning-based malware detection is that training data may contain noisy labels and it is challenging to make the training data noise-free at a large scale. To address this problem, we propose a generic framework to reduce the noise level of training data for the training of any machine learning-based Android malware detection. Our framework makes use of all intermediate states of two identical deep learning classification models during their training with a given noisy training dataset and generate a noise-detection feature vector for each input sample. Our framework then applies a set of outlier detection algorithms on all noise-detection feature vectors to reduce the noise level of the given training data before feeding it to any machine learning based Android malware detection approach. In our experiments with three different Android malware detection approaches, our framework can detect significant portions of wrong labels in different training datasets at different noise ratios, and improve the performance of Android malware detection approaches.

show abstract

“…Therefore, some work considers API sequence as the app's unique feature to detect malapps. Studies [42], [47], [53], [81], [192], [196], [236] applied API sequence to detect malapps. Studies [53], [196] employed both API and API sequence as features.…”

Section: ) Apimentioning

confidence: 99%

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

et al. 2019

View full text Add to dashboard Cite

The number of applications (apps) available for smart devices or Android based IoT (Internet of Things) has surged dramatically over the past few years. Meanwhile, the volume of ill-designed or malicious apps (malapps) has been growing explosively. To ensure the quality and security of the apps in the markets, many approaches have been proposed in recent years to discriminate malapps from benign ones. Machine learning is usually utilized in classification process. Accurately characterizing apps' behaviors, or so-called features, directly affects the detection results with machine learning algorithms. Android apps evolve very fast. The size of current apps has become increasingly large and the behaviors of apps have become increasingly complicated. The extracting effective and representative features from apps is thus an ongoing challenge. Although many types of features have been extracted in existing work, to the best of our knowledge, no work has systematically surveyed the features constructed for detecting Android malapps. In this paper, we are motivated to provide a clear and comprehensive survey of the state-of-the-art work that detects malapps by characterizing behaviors of apps with various types of features. Through the designed criteria, we collect a total of 1947 papers in which 236 papers are used for the survey with four dimensions: the features extracted, the feature selection methods employed if any, the detection methods used, and the scale of evaluation performed. Based on our in-depth survey, we highlight the issues of exploring effective features from apps, provide the taxonomy of these features and indicate the future directions.

show abstract

API Sequences Based Malware Detection for Android

Cited by 14 publications

References 6 publications

Multi-view deep learning for zero-day Android malware detection

Multi-view deep learning for zero-day Android malware detection

Differential Training: A Generic Framework to Reduce Label Noises for Android Malware Detection

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

Contact Info

Product

Resources

About