Identifying Malicious Software Using Deep Residual Long-Short Term Memory

Alotaibi, Aziz

doi:10.1109/access.2019.2951751

Cited by 29 publications

(9 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…If the expressions and constraints of an application are in this rule library, this application will be considered as a malicious application. For example, to reduce the high false- [15], [16], [27], [28], [29], [30], [31], [32], [33], [34], [35], [36], [37], [39], [40], [41], [42], [43], [44], [45], [46], [47], [48], [49], [50], [51], [52], [53], [54], [55], [56], [57], [58], [59], [60], [61], [62], [63], [64], [94], [95], [98], [99], [100], [101], [102], [105], [109], [111],…”

Section: ) Publication Sourcementioning

confidence: 99%

A Systematic Literature Review of Android Malware Detection Using Static Analysis

et al. 2020

View full text Add to dashboard Cite

Android malware has been in an increasing trend in recent years due to the pervasiveness of Android operating system. Android malware is installed and run on the smartphones without explicitly prompting the users or without the user's permission, and it poses great threats to users such as the leakage of personal information and advanced fraud. To address these threats, various techniques are proposed by researchers and practitioners. Static analysis is one of these techniques, which is widely applied to Android malware detection and can detect malware quickly and prohibit malware before installation. To provide a clarified overview of the latest work in Android malware detection using static analysis, we perform a systematic literature review by identifying 98 studies from January 2014 to March 2020. Based on the features of applications, we first divide static analysis in Android malware detection into four categories, which include Android characteristic-based method, opcode-based method, program graph-based method, and symbolic execution-based method. Then we assess the malware detection capability of static analysis, and we compare the performance of different models in Android malware detection by analyzing the results of empirical evidence. Finally, it is concluded that static analysis is effective to detect Android malware. Moreover, there is a preliminary result that neural network model outperforms the non-neural network model in Android malware detection. However, static analysis still faces many challenges. Thus, it is necessary to derive some novel techniques for improving Android malware detection based on the current research community. Moreover, it is essential to establish a unified platform that is used to evaluate the performance of a series of techniques in Android malware detection fairly. INDEX TERMS Android malware detection, static analysis, systematic literature review.

show abstract

Section: ) Publication Sourcementioning

confidence: 99%

A Systematic Literature Review of Android Malware Detection Using Static Analysis

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Alotaibi, A. [17] proposed the MalResLSTM framework that is based on deep residual long short-term memory(LSTM) and also uses information in the manifest file, API calls and network addresses as features. These features are embedded in a vector space using one-hot encoding.…”

Section: Related Workmentioning

confidence: 99%

Impact of Code Deobfuscation and Feature Interaction in Android Malware Detection

Chen

Takahashi

et al. 2021

IEEE Access

View full text Add to dashboard Cite

With more than three million applications already in the Android marketplace, various malware detection systems based on machine learning have been proposed to prevent attacks from cybercriminals. Most of these systems use static analyses to extract application features. However, many features generated by static analyses are easily thwarted by obfuscation techniques. Several researchers are addressing the obfuscation problem with obfuscation-invariant features. However, to our knowledge, no researcher has utilized deobfuscation techniques. Thus, we use a code deobfuscation technique with an Android malware detection system and investigate its effects. Experimental results show that code deobfuscation can successfully retrieve useful information concealed by obfuscation. In addition, we propose interaction terms based on identified feature interactions. Since many feature values are correlated to the size of the application, the proposed interaction terms aim to eliminate the interference caused by the size of the application and other features. Experimental results also show that these interaction terms have a high ranking in terms of feature importance. Our proposed Android malware detection model achieves 99.55% accuracy and a 94.61% F1-score with the well-known Drebin dataset, surpassing the performance of previous work.

show abstract

“…Detection accuracy of 98% and 63% was achieved for small size families' malware and zero day malwares respectively. In MalResLSTM 22 , authors presented Long Short Term Memory(LSTM) based method to classify malapps. Feature extracted were mapped to vector space and processed in the LSTM based deep learning model to achieve the accuracy of 99.32%.…”

Section: Multiple Features and Multiple Classifiersmentioning

confidence: 99%

An Efficient Multistage Fusion Approach for Smartphone Security Analysis

2021

View full text Add to dashboard Cite

Android smartphone ecosystem is inundated with innumerable applications mainly developed by third party contenders leading to high vulnerability of these devices. In addition, proliferation of smartphone usage along with their potential applications in diverse field entice malware community to develop new malwares to attack these devices. In order to overcome these issues, an android malware detection framework is proposed wherein an efficient multistage fusion approach is introduced. For this, a robust unified feature vector is created by fusion of transformed feature matrices corresponding to multi-cue using non-linear graph based cross-diffusion. Unified feature is further subjected to multiple classifiers to obtain their classification scores. Classifier scores are further optimally fused employing Dezert-Smarandache Theory (DSmT). Strength of suggested model is assessed both qualitatively and quantitatively by ten-fold cross-validation on the benchmarked datasets. On an average of outcome, we achieved detection accuracy of 98.97% and F-measure of 0.9936.

show abstract

Identifying Malicious Software Using Deep Residual Long-Short Term Memory

Cited by 29 publications

References 47 publications

A Systematic Literature Review of Android Malware Detection Using Static Analysis

A Systematic Literature Review of Android Malware Detection Using Static Analysis

Impact of Code Deobfuscation and Feature Interaction in Android Malware Detection

An Efficient Multistage Fusion Approach for Smartphone Security Analysis

Contact Info

Product

Resources

About