Journal ArticleDOI

Multi-view deep learning for zero-day Android malware detection

TLDR
This work presents a novel multi-view deep learning Android malware detector with no specialist malware domain insight used to select, rank or hand-craft input features, encapsulating knowledge inside a deep learning neural net with no prior understanding of malicious characteristics.
Abstract
Zero-day malware samples pose a considerable danger to users as implicitly there are no documented defences for previously unseen, newly encountered behaviour. Malware detection therefore relies on past knowledge to attempt to deal with zero-days. Often such insight is provided by a human expert hand-crafting and pre-categorising certain features as malicious. However, tightly coupled feature-engineering based on previous domain knowledge risks not being effective when faced with a new threat. In this work we decouple this human expertise, instead encapsulating knowledge inside a deep learning neural net with no prior understanding of malicious characteristics. Raw input features consist of low-level opcodes, app permissions and proprietary Android API package usage. Our method makes three main contributions. Firstly, a novel multi-view deep learning Android malware detector with no specialist malware domain insight used to select, rank or hand-craft input features. Secondly, a comprehensive zero-day scenario evaluation using the Drebin and AMD benchmarks, with our model achieving weighted average detection rates of 91% and 81% respectively, an improvement of up to 57% over the state-of-the-art. Thirdly, a 77% reduction in false positives on average compared to the state-of-the-art, with excellent F1 scores of 0.9928 and 0.9963 for the general detection task again on the Drebin and AMD benchmark datasets respectively.


Citations
Journal ArticleDOI

HCRNNIDS: Hybrid Convolutional Recurrent Neural Network-Based Network Intrusion Detection System

TL;DR: A convolutional recurrent neural network (CRNN) is used to create a DL-based hybrid ID framework that predicts and classifies malicious cyberattacks in the network, and the proposed HCRNNIDS substantially outperforms current ID methodologies.
Journal ArticleDOI

Android Mobile Malware Detection Using Machine Learning: A Systematic Review

TL;DR: This paper provides a systematic review of ML-based Android malware detection techniques and critically evaluates 106 carefully selected articles and highlights their strengths and weaknesses as well as potential improvements.
Journal ArticleDOI

Malware Detection Issues, Challenges, and Future Directions: A Survey

TL;DR: This survey introduces a feature representation taxonomy in addition to the deeper taxonomy of malware analysis and detection approaches, links each approach with the most commonly used data types, and introduces the feature extraction method according to the techniques used instead of the analysis approach.
Journal ArticleDOI

Artificial Intelligence Algorithms for Malware Detection in Android-Operated Mobile Devices

Hasan Alkahtani, +1 more - 01 Mar 2022
TL;DR: The machine learning and deep learning algorithms successfully detected the malware on Android applications, showing that the SVM, LSTM, and CNN-LSTM algorithms are of high efficiency in the detection of malware in the Android environment.
Journal ArticleDOI

Towards Explainable CNNs for Android Malware Detection

TL;DR: In this paper, the authors present a method to identify locations deemed important by CNNs in an Android app's opcode sequence which appear to contribute to malware detection, and a comparison of such locations highlighted by the CNN with those locations considered important from the state-of-the-art explainability method LIME.
References
Proceedings Article

ImageNet Classification with Deep Convolutional Neural Networks

TL;DR: The state-of-the-art performance of CNNs was achieved by Deep Convolutional Neural Networks (DCNNs) as discussed by the authors, which consists of five convolutional layers, some of which are followed by max-pooling layers, and three fully-connected layers with a final 1000-way softmax.
Posted Content

Efficient Estimation of Word Representations in Vector Space

TL;DR: This paper proposed two novel model architectures for computing continuous vector representations of words from very large data sets, and the quality of these representations is measured in a word similarity task and the results are compared to the previously best performing techniques based on different types of neural networks.
Proceedings ArticleDOI

Rapid object detection using a boosted cascade of simple features

TL;DR: A machine learning approach for visual object detection which is capable of processing images extremely rapidly and achieving high detection rates and the introduction of a new image representation called the "integral image" which allows the features used by the detector to be computed very quickly.
Proceedings ArticleDOI

Convolutional Neural Networks for Sentence Classification

TL;DR: The CNN models discussed herein improve upon the state of the art on 4 out of 7 tasks, which include sentiment analysis and question classification, and are proposed to allow for the use of both task-specific and static vectors.
Proceedings ArticleDOI

Dissecting Android Malware: Characterization and Evolution

TL;DR: Systematizing or characterizing existing Android malware from various aspects, including their installation methods, activation mechanisms and the nature of carried malicious payloads, reveals that they are evolving rapidly to circumvent detection by existing mobile anti-virus software.