Abstract
Traditional neural networks can maintain their performance in identifying Android malware by learning Android characteristics, but owing to the rapid growth of Android information, they cannot efficiently handle the massive data produced by millions of Android applications. In this paper, we propose a novel NN-based model (RaNetMalDozer) for Android malware detection to improve the classification accuracy rate and the training speed. RaNetMalDozer (RNMD) can dynamically select hidden centers by a heuristic approach and expeditiously gather the large-scale datasets of 12,750 Android applications. To systematically analyze Android kernel behaviors, we investigate 112 Android kernel features of task_struct and offer forensic analysis of key kernel features. Furthermore, compared to the traditional neural network EBPN method, which achieves an accuracy rate of 81%, our RNMD model achieves an accuracy rate of 94% with half of the training and evaluation time. Our experiments also demonstrate that the RNMD model can be used as a better technique for Android malware detection.
Acknowledgement
This research was funded by Fundamental Research Funds for the Central Universities under Grant 201962012.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Wang, X., Li, C. (2020). RaNetMalDozer: A Novel NN-Based Model for Android Malware Detection Over Task Kernel Structures. In: Wen, S., Zomaya, A., Yang, L. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2019. Lecture Notes in Computer Science, vol 11944. Springer, Cham. https://doi.org/10.1007/978-3-030-38991-8_33
DOI: https://doi.org/10.1007/978-3-030-38991-8_33
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38990-1
Online ISBN: 978-3-030-38991-8
eBook Packages: Mathematics and Statistics, Mathematics and Statistics (R0)