Detecting malicious Android applications based on the network packets generated

Puerta, José Gaviria de la; Pastor-López, Iker; Porto, Igone; Sanz, Borja; Bringas, Pablo García

doi:10.1016/j.neucom.2020.08.095

Cited by 4 publications

(1 citation statement)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, the authors 6‐8 use the static analysis, the References 9‐11 use a deep learning approach using static features. On the other hand, the authors in References 12‐15 detect malware with dynamic analysis. Static analysis is largely based on analyzing the content of Android apk files.…”

Section: Introductionmentioning

confidence: 99%

AMD‐CNN: Android malware detection via feature graph and convolutional neural networks

Arslan

Taşyürek

2022

Concurrency and Computation

View full text Add to dashboard Cite

Summary Android malware has become a serious threat to mobile device users, and effective detection and defence architectures are needed to solve this problem. Recently, machine learning techniques have been widely used to deal with Android malicious apps. These methods are based on a simple feature set and have difficulty detecting up‐to‐date malware. Therefore, more robust and efficient classification methodologies are needed. In this article, AMD‐CNN, an Android malware detection tool, is proposed, and it uses graphical representations to detect malicious apks. In the first step, the features related to the androidmanifest.xml file are extracted and converted into a vector consisting of one or zero. The feature vector is then converted to 2D‐code images and used in training the CNN network. The model needs low‐resource consumption to run on mobile devices and allow real‐time applications to be analyzed. The experiments with 1920 malicious and benign apks show that the malware detection rate (accuracy) was 96.2% and precision, recall, and F‐score values were 97.9%, 98.2%, and 98.1%, respectively. The average time and memory space to analyze each application are 0.035 s and 3.38 MB. AMD‐CNN is an efficient and robust tool and has advantages over previous studies.

show abstract

Section: Introductionmentioning

confidence: 99%