Skip to main content
SpringerLink
Log in

Image-based Android Malware Detection Models using Static and Dynamic Features

  • Conference paper
  • First Online:
Intelligent Systems Design and Applications (ISDA 2021)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 418))

Abstract

Today smartphones are an indispensable part of our everyday activities and store a plethora of sensitive as well as personal information. However, this information is an attractive target of malware designers that can be validated with an ever-increasing number of smartphone malware. Recently researchers explored deep learning for detecting android malware and have seen encouraging results. In this paper, we propose an effective image-based android malware detection system. We used both static and dynamic analysis of android applications to extract six different features: intent, opcode, permission from static analysis, and unigram, bigram, trigram from system call log using dynamic analysis. Then, we proposed a custom malware detection model (MalCNN) that uses static features and achieved accuracy and AUC of \(99.56\%\) and 0.99 respectively in malware detection. We also explored MobileNetV2 based malware detection models for dynamic features that achieved accuracy and AUC of \(99.85\%\) and 0.99 respectively in malware detection. Our experimental results show that image representation of static or dynamic features can be used for effective malware detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 259.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Cuckoo Sandbox - Automated Malware Analysis (2021). https://cuckoosandbox.org/. Accessed Oct 2021

  2. CUDA Zone (2021). https://developer.nvidia.com/cuda-zone. Accessed Oct 2021

  3. Google Colaboratory (2021). https://colab.research.google.com/. Accessed Oct 2021

  4. Google Play Store (2021). https://play.google.com/storeAccessed Oct 2021

  5. Total amount of malware and PUA under Android (2021). https://portal.av-atlas.org/malware/statistics. Accessed Oct 2021

  6. Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket. In: Network and Distributed System Security (NDSS) Symposium, vol. 14, pp. 23–26 (2014)

    Google Scholar 

  7. Ganesh, M., Pednekar, P., Prabhuswamy, P., Nair, D.S., Park, Y., Jeon, H.: CNN-based android malware detection. In: 2017 International Conference on Software Security and Assurance (ICSSA), pp. 60–65. IEEE (2017)

    Google Scholar 

  8. He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 770–778 (2016)

    Google Scholar 

  9. McLaughlin, N., et al.: Deep android malware detection. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 301–308 (2017)

    Google Scholar 

  10. Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, pp. 1–7 (2011)

    Google Scholar 

  11. Rathore, H., Sahay, S.K., Rajvanshi, R., Sewak, M.: Identification of significant permissions for efficient android malware detection. In: Gao, H., J. Durán Barroso, R., Shanchen, P., Li, R. (eds.) BROADNETS 2020. LNICST, vol. 355, pp. 33–52. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-68737-3_3

    Chapter  Google Scholar 

  12. Rathore, H., Sahay, S.K., Thukral, S., Sewak, M.: Detection of malicious android applications: classical machine learning vs. deep neural network integrated with clustering. In: Gao, H., J. Durán Barroso, R., Shanchen, P., Li, R. (eds.) BROADNETS 2020. LNICST, vol. 355, pp. 109–128. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-68737-3_7

    Chapter  Google Scholar 

  13. Rezende, E., Ruppert, G., Carvalho, T., Ramos, F., De Geus, P.: Malicious software classification using transfer learning of resnet-50 deep neural network. In: 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA), pp. 1011–1014. IEEE (2017)

    Google Scholar 

  14. Sandler, M., Howard, A., Zhu, M., Zhmoginov, A., Chen, L.C.: MobileNetv2: inverted residuals and linear bottlenecks. In: 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pp. 4510–4520. IEEE (2018)

    Google Scholar 

  15. Sewak, M., Sahay, S.K., Rathore, H.: Deepintent: implicitintent based android IDS with E2E deep learning architecture. In: 2020 IEEE 31st Annual International Symposium on Personal, Indoor and Mobile Radio Communications, pp. 1–6. IEEE (2020)

    Google Scholar 

  16. Sewak, M., Sahay, S.K., Rathore, H.: DOOM: a novel adversarial-DRL-based op-code level metamorphic malware obfuscator for the enhancement of IDS. In: Adjunct Proceedings of the 2020 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2020 ACM International Symposium on Wearable Computers, pp. 131–134 (2020)

    Google Scholar 

  17. Singh, A., Handa, A., Kumar, N., Shukla, S.K.: Malware analysis using image classification techniques. In: Cyber Security in India: Education, Research and Training, vol. 4, p. 33 (2020)

    Google Scholar 

  18. Sun, G., Qian, Q.: Deep learning and visualization for identifying malware families. IEEE Trans. Dependable Secure Comput. (2018)

    Google Scholar 

  19. Xiao, X.: An image-inspired and CNN-based android malware detection approach. In: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 1259–1261. IEEE (2019)

    Google Scholar 

  20. Yang, M., Wen, Q.: Detecting android malware by applying classification techniques on images patterns. In: 2017 IEEE 2nd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA), pp. 344–347. IEEE (2017)

    Google Scholar 

  21. Zhang, H., Luo, S., Zhang, Y., Pan, L.: An efficient android malware detection system based on method-level behavioral semantic analysis. IEEE Access 7, 69246–69256 (2019)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of CS & IS, Goa Campus, BITS Pilani, Goa, India

    Hemant Rathore, B. Raja Narasimhan & Sanjay K. Sahay

  2. Security & Compliance Research, Microsoft R & D, Hyderabad, India

    Mohit Sewak

Authors
  1. Hemant Rathore
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. B. Raja Narasimhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sanjay K. Sahay
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mohit Sewak
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hemant Rathore .

Editor information

Editors and Affiliations

  1. Scientific Network for Innovation and Research Excellence, Machine Intelligence Research Labs (MIR Labs), Auburn, WA, USA

    Ajith Abraham

  2. Scientific Network for Innovation and Research Excellence, Machine Intelligence Research Labs (MIR Labs), Auburn, WA, USA

    Niketa Gandhi

  3. Institut für Wirtschaftsinformatik, Fachhochschule Nordwestschweiz, Olten, Switzerland

    Thomas Hanne

  4. Department of Computer Science and information Engineering, National University of Kaohsiung, Kaohsiung, Taiwan

    Tzung-Pei Hong

  5. Federal University of Bahia, Ondina, Brazil

    Tatiane Nogueira Rios

  6. Nantong University, Nantong Shi, Jiangsu, China

    Weiping Ding

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Rathore, H., Narasimhan, B.R., Sahay, S.K., Sewak, M. (2022). Image-based Android Malware Detection Models using Static and Dynamic Features. In: Abraham, A., Gandhi, N., Hanne, T., Hong, TP., Nogueira Rios, T., Ding, W. (eds) Intelligent Systems Design and Applications. ISDA 2021. Lecture Notes in Networks and Systems, vol 418. Springer, Cham. https://doi.org/10.1007/978-3-030-96308-8_120

Download citation

Publish with us

Policies and ethics

Search

Navigation