VisDroid: Android malware classification based on local and global image features, bag of visual words and machine learning techniques

Bakour, Khaled; Ünver, Halil Murat

doi:10.1007/s00521-020-05195-w

Cited by 44 publications

(23 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Malware can be labeled certain categories by analyzing their behaviors and objectives, and hence, identifying the family types of malicious software is beneficial for further analysis and proposing protection strategies. 14 studies formulate the malware family prediction task as multi-classification to classify one sample into the families that the sample likely belongs to [18,20,49,76,108,113,120,121,127,132,152,164,190,206], while Zhang et al present a hybrid representation learning approach to clustering weakly-labeled malware to corresponding families [202]. Except for existing defined family types like Ransomware, zero-day family malware is an emerging issue, posing new challenges for welltrained models due to the lack of knowledge.…”

Section: Results Analysismentioning

confidence: 99%

“…By the decompilation of classes.dex, API calls, used permissions or string features like network addresses can be extracted from disassembled java codes [76,122,209] or smali codes [57,68,113,172]. On the other hand, the source files, including APK [19,108,164,194], classes.dex [8,69,137,152], resources files [20,80], and smali codes [9,91,107,190,206], can be inputted directly as text features or bytecode features. Except the features from source files, the application information in app markets, metadata pertaining to Android application, could also be used as features [42,46,77,151].…”

Section: Static Analysismentioning

confidence: 99%

See 1 more Smart Citation

Deep Learning for Android Malware Defenses: a Systematic Literature Review

Liu,

Tantithamthavorn,

et al. 2021

Preprint

View full text Add to dashboard Cite

Malicious applications (especially in the Android platform) are a serious threat to developers and end-users. Many research efforts have hence been devoted to developing effective approaches to defend Android malware. However, with the explosive growth of Android malware and the continuous advancement of malicious evasion technologies like obfuscation and reflection, android malware defenses based on manual rules or traditional machine learning may not be effective due to limited apriori knowledge. In recent years, a dominant research field of deep learning (DL) with the powerful feature abstraction ability has demonstrated a compelling and promising performance in various fields, like Nature Language processing and image processing. To this end, employing deep learning techniques to thwart the attack of Android malware has recently gained considerable research attention. Yet, there exists no systematic literature review that focuses on deep learning approaches for Android Malware defenses. In this paper, we conducted a systematic literature review to search and analyze how deep learning approaches have been applied in the context of malware defenses in the Android environment. As a result, a total of 104 studies were identified over the period 2014-2020. The results of our investigation show that even though most of these studies still mainly consider DL-based on Android malware detection, 35 primary studies (33.7%) design the defenses approaches based on other scenarios. This review also describes research trends, research focuses, challenges, and future research directions in DL-based Android malware defenses.CCS Concepts: • Security and privacy → Malware and its mitigation; Software security engineering;• General and reference → Surveys and overviews.

show abstract

Section: Results Analysismentioning

confidence: 99%

Section: Static Analysismentioning

confidence: 99%

Deep Learning for Android Malware Defenses: a Systematic Literature Review

Liu,

Tantithamthavorn,

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…It is important to highlight that during the last years we have witnessed a flourishing of online tools enabling digital services' owners to generate, in a handful of clicks, their ToS 4 . Therefore, we can argue that is plausible a significant part of clauses can be very similar in ToS across a wide range of online services.…”

Section: Clauses Representationmentioning

confidence: 99%

“…• We propose a novel machine learning-based approach to classify clauses in ToS, represented by using sentence embedding, into both categories and fairness classes (a legally determined concept that is much more complex but also growingly relevant in data mining research [23]). Support Vector Machine (for clauses' categories) and Random Forest (for clauses' fairness levels) resulted to be the most suitable methods for our specific problem after a comparing phase with other widely adopted classifiers [4,43]. As a result, we obtained a F1-score of 86% in classifying the clauses into (a predefined set of) categories and up to 81% in classifying them according their level of fairness, i.e., potentially unfair and fair clauses.…”

Section: Introductionmentioning

confidence: 98%

A machine learning-based approach to identify unlawful practices in online terms of service: analysis, implementation and evaluation

Guarino

Lettieri²,

Malandrino

et al. 2021

Neural Comput & Applic

View full text Add to dashboard Cite

Terms of Service (ToS) are fundamental factors in the creation of physical as well as online legally relevant relationships. They not only define mutual rights and obligations but also inform users about contract key issues that, in online settings, span from liability limitations to data management and processing conditions. Despite their crucial role, however, ToS are often neglected by users that frequently accept without even reading what they agree upon, representing a critical issue when there exist potentially unfair clauses. To enhance users’ awareness and uphold legal safeguards, we first propose a definition of ToS unfairness based on a novel unfairness measure computed counting the unfair clauses contained in a ToS, and therefore, weighted according to their direct impact on the customers concrete interests. Secondly, we introduce a novel machine learning-based approach to classify ToS clauses, represented by using sentence embedding, in different categories classes and fairness levels. Results of a test involving well-known machine learning models show that Support Vector Machine is able to classify clauses into categories with a F1-score of 86% outperforming state-of-the-art methods, while Random Forest is able to classify clauses into fairness levels with a F1-score of 81%. With the final goal of making terms of service more readable and understandable, we embedded this approach into ToSware, a prototype of a Google Chrome extension. An evaluation study was performed to measure ToSware effectiveness, efficiency, and the overall users’ satisfaction when interacting with it.

show abstract

“…For instance, in the KNN approach, a sample is classified to family f1 if it has k-nearest neighbors belonging to family f1. It is to be noted that many solutions leveraging machine learning and big data techniques are appearing to develop malware detection models [153][154][155]. Computer vision techniques have been becoming popular among the research communities to detect and classify malware applications [156,157].…”

Section: Module IIImentioning

confidence: 99%

Identifying Major Research Areas and Minor Research Themes of Android Malware Analysis and Detection Field Using LSA

et al. 2021

View full text Add to dashboard Cite

Contemporary technologies have ensured the availability of high-quality research data shared over the Internet. This has resulted in a tremendous availability of research literature, which keeps evolving itself. Thus, identification of core research areas and trends in such ever-evolving literature is not only challenging but interesting too. An empirical overview of contemporary machine learning methods, which have the potential to expedite evidence synthesis within research literature, has been explained. This manuscript proposes Simulating Expert comprehension for Analyzing Research trends (SEAR) framework, which can perform subjective and quantitative investigation over enormous literature. TRENDMINER is the use case designed exclusively for the SEAR framework. TRENDMINER uncovered the intellectual structure of a corpus of 444 abstracts of research articles (published during 2010–2019) on Android malware analysis and detection. The study concludes with the identification of three core research areas, twenty-seven research trends. The study also suggests the potential future research directions.

show abstract

VisDroid: Android malware classification based on local and global image features, bag of visual words and machine learning techniques

Cited by 44 publications

References 33 publications

Deep Learning for Android Malware Defenses: a Systematic Literature Review

Deep Learning for Android Malware Defenses: a Systematic Literature Review

A machine learning-based approach to identify unlawful practices in online terms of service: analysis, implementation and evaluation

Identifying Major Research Areas and Minor Research Themes of Android Malware Analysis and Detection Field Using LSA

Contact Info

Product

Resources

About