Unpacking Techniques and Tools in Malware Analysis

Xie, Pei Dai; Li, Mei Jian; Wang, Yong Jun; Su, Jin Shu; Lu, Xi Cheng

doi:10.4028/www.scientific.net/amm.198-199.343

Cited by 3 publications

(1 citation statement)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although these approaches mentioned above, mainly built on manually crafted detection patterns, are efficient and scalable, generally speaking, they are not available for new malware instances. More and more malwares adopt measures such as: shell protection [ 19 ], polymorphism [20], encryption [21], or packing [22], which make the analysis and detection of Android malware rather tough.…”

Section: Introductionmentioning

confidence: 99%

Android malicious code Classification using Deep Belief Network

Luo¹,

Tian²,

Long³

et al. 2018

KSII TIIS

View full text Add to dashboard Cite

This paper presents a novel Android malware classification model planned to classify and categorize Android malicious code at Drebin dataset. The amount of malicious mobile application targeting Android based smartphones has increased rapidly. In this paper, Restricted Boltzmann Machine and Deep Belief Network are used to classify malware into families of Android application. A texture-fingerprint based approach is proposed to extract or detect the feature of malware content. A malware has a unique "image texture" in feature spatial relations. The method uses information on texture image extracted from malicious or benign code, which are mapped to uncompressed gray-scale according to the texture image-based approach. By studying and extracting the implicit features of the API call from a large number of training samples, we get the original dynamic activity features sets. In order to improve the accuracy of classification algorithm on the features selection, on the basis of which, it combines the implicit features of the texture image and API call in malicious code, to train Restricted Boltzmann Machine and Back Propagation. In an evaluation with different malware and benign samples, the experimental results suggest that the usability of this method-using Deep Belief Network to classify Android malware by their texture images and API calls, it detects more than 94% of the malware with few false alarms. Which is higher than shallow machine learning algorithm clearly.

show abstract