“…Additionally, in Ref. [120], a one-dimensional feature vector is converted into a two-dimensional matrix to facilitate deep neural network learning.…”
Section: Data Preprocessing (mentioning)
confidence: 99%
“…The co-occurrence matrix is established based on the system call sequence and is then normalized and finally transformed into a vector. [120] Researchers convert the opcode sequence into a matrix vector, and transform the one-dimensional vector into a two-dimensional matrix, which is suitable for subsequent learning in a deep neural network (DNN). [121] The function call graphs (FCGs) extracted from an APK file are used to generate the topological signatures of the corresponding applications.…”
Section: Feature Selection (mentioning)
confidence: 99%
“…[102], [110], [112], [120], [139], [141], [168], [172], [182], [184], [189], [191], [194], [199], [202], [211], [215], [216], [244], [248]-[251] Ensemble Learning (EL) Much more accurate than using a single model.…”
Section: Machine Learning Models and Algorithms Used In Android Ma… (mentioning)
confidence: 99%
“…In Ref. [120], the opcode sequence obtained from the Dalvik command in the application is converted into a feature vector, and the one-dimensional vector is further transformed into a two-dimensional matrix so as to facilitate the subsequent deep neural network (DNN) learning. Based on the effectiveness of neural networks in the field of image recognition, Refs.…”
Section: Machine Learning Models and Algorithms Used In Android Ma… (mentioning)
Android applications are developing rapidly across the mobile ecosystem, but Android malware is also emerging in an endless stream. Many researchers have studied the problem of Android malware detection and have put forward theories and methods from different perspectives. Existing research suggests that machine learning is an effective and promising way to detect Android malware. Notwithstanding, there exist reviews that have surveyed different issues related to Android malware detection based on machine learning. We believe our work complements the previous reviews by surveying a wider range of aspects of the topic. This paper presents a comprehensive survey of Android malware detection approaches based on machine learning. We briefly introduce some background on Android applications, including the Android system architecture, security mechanisms, and classification of Android malware. Then, taking machine learning as the focus, we analyze and summarize the research status from key perspectives such as sample acquisition, data preprocessing, feature selection, machine learning models, algorithms, and the evaluation of detection effectiveness. Finally, we assess the future prospects for research into Android malware detection based on machine learning. This review will help academics gain a full picture of Android malware detection based on machine learning. It could then serve as a basis for subsequent researchers to start new work and help to guide research in the field more generally.
“…The model is trained using smali files from 50 apks and it outperforms traditional ML models with an AUC of 85.98% and 70% in both WPDP and CPDP mode respectively. In [371], a CNN based android malware detection framework is presented. The model uses opcode sequences from decompiled apk files to learn to differentiate between malicious and benign apps.…”
This work aims to review the state-of-the-art deep learning architectures in Cyber Security applications by highlighting the contributions and challenges from various recent research papers.
The Android platform has been the target of attackers due to its openness and increasing popularity. Android malware has explosively increased in recent years, which poses serious threats to Android security. Thus proposing efficient Android malware detection methods is crucial in defeating malware. Various features extracted from static or dynamic analysis using machine learning have played an important role in malware detection recently. However, existing code obfuscation, code encryption, and dynamic code loading techniques can be employed to hinder systems that are based solely on static analysis, and purely dynamic analysis systems cannot detect all potential code execution paths. To address these issues, we propose CoDroid, a sequence-based hybrid Android malware detection method, which utilizes the sequences of static opcodes and dynamic system calls. We treat one sequence as a sentence in natural language processing and construct a CNN-BiLSTM-Attention classifier which consists of Convolutional Neural Networks (CNNs) and the Bidirectional Long Short-Term Memory (BiLSTM) with an attention language model. We extensively evaluate CoDroid under a real-world data set and perform comprehensive analysis against other existing related detection methods. The evaluations show the effectiveness and flexibility of CoDroid across a variety of experimental settings.