Abstract
Today smartphones are an indispensable part of our everyday activities and store a plethora of sensitive as well as personal information. However, this information is an attractive target of malware designers that can be validated with an ever-increasing number of smartphone malware. Recently researchers explored deep learning for detecting android malware and have seen encouraging results. In this paper, we propose an effective image-based android malware detection system. We used both static and dynamic analysis of android applications to extract six different features: intent, opcode, permission from static analysis, and unigram, bigram, trigram from system call log using dynamic analysis. Then, we proposed a custom malware detection model (MalCNN) that uses static features and achieved accuracy and AUC of \(99.56\%\) and 0.99 respectively in malware detection. We also explored MobileNetV2 based malware detection models for dynamic features that achieved accuracy and AUC of \(99.85\%\) and 0.99 respectively in malware detection. Our experimental results show that image representation of static or dynamic features can be used for effective malware detection.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cuckoo Sandbox - Automated Malware Analysis (2021). https://cuckoosandbox.org/. Accessed Oct 2021
CUDA Zone (2021). https://developer.nvidia.com/cuda-zone. Accessed Oct 2021
Google Colaboratory (2021). https://colab.research.google.com/. Accessed Oct 2021
Google Play Store (2021). https://play.google.com/storeAccessed Oct 2021
Total amount of malware and PUA under Android (2021). https://portal.av-atlas.org/malware/statistics. Accessed Oct 2021
Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket. In: Network and Distributed System Security (NDSS) Symposium, vol. 14, pp. 23–26 (2014)
Ganesh, M., Pednekar, P., Prabhuswamy, P., Nair, D.S., Park, Y., Jeon, H.: CNN-based android malware detection. In: 2017 International Conference on Software Security and Assurance (ICSSA), pp. 60–65. IEEE (2017)
He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 770–778 (2016)
McLaughlin, N., et al.: Deep android malware detection. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 301–308 (2017)
Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, pp. 1–7 (2011)
Rathore, H., Sahay, S.K., Rajvanshi, R., Sewak, M.: Identification of significant permissions for efficient android malware detection. In: Gao, H., J. Durán Barroso, R., Shanchen, P., Li, R. (eds.) BROADNETS 2020. LNICST, vol. 355, pp. 33–52. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-68737-3_3
Rathore, H., Sahay, S.K., Thukral, S., Sewak, M.: Detection of malicious android applications: classical machine learning vs. deep neural network integrated with clustering. In: Gao, H., J. Durán Barroso, R., Shanchen, P., Li, R. (eds.) BROADNETS 2020. LNICST, vol. 355, pp. 109–128. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-68737-3_7
Rezende, E., Ruppert, G., Carvalho, T., Ramos, F., De Geus, P.: Malicious software classification using transfer learning of resnet-50 deep neural network. In: 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA), pp. 1011–1014. IEEE (2017)
Sandler, M., Howard, A., Zhu, M., Zhmoginov, A., Chen, L.C.: MobileNetv2: inverted residuals and linear bottlenecks. In: 2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition, pp. 4510–4520. IEEE (2018)
Sewak, M., Sahay, S.K., Rathore, H.: Deepintent: implicitintent based android IDS with E2E deep learning architecture. In: 2020 IEEE 31st Annual International Symposium on Personal, Indoor and Mobile Radio Communications, pp. 1–6. IEEE (2020)
Sewak, M., Sahay, S.K., Rathore, H.: DOOM: a novel adversarial-DRL-based op-code level metamorphic malware obfuscator for the enhancement of IDS. In: Adjunct Proceedings of the 2020 ACM International Joint Conference on Pervasive and Ubiquitous Computing and Proceedings of the 2020 ACM International Symposium on Wearable Computers, pp. 131–134 (2020)
Singh, A., Handa, A., Kumar, N., Shukla, S.K.: Malware analysis using image classification techniques. In: Cyber Security in India: Education, Research and Training, vol. 4, p. 33 (2020)
Sun, G., Qian, Q.: Deep learning and visualization for identifying malware families. IEEE Trans. Dependable Secure Comput. (2018)
Xiao, X.: An image-inspired and CNN-based android malware detection approach. In: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 1259–1261. IEEE (2019)
Yang, M., Wen, Q.: Detecting android malware by applying classification techniques on images patterns. In: 2017 IEEE 2nd International Conference on Cloud Computing and Big Data Analysis (ICCCBDA), pp. 344–347. IEEE (2017)
Zhang, H., Luo, S., Zhang, Y., Pan, L.: An efficient android malware detection system based on method-level behavioral semantic analysis. IEEE Access 7, 69246–69256 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Rathore, H., Narasimhan, B.R., Sahay, S.K., Sewak, M. (2022). Image-based Android Malware Detection Models using Static and Dynamic Features. In: Abraham, A., Gandhi, N., Hanne, T., Hong, TP., Nogueira Rios, T., Ding, W. (eds) Intelligent Systems Design and Applications. ISDA 2021. Lecture Notes in Networks and Systems, vol 418. Springer, Cham. https://doi.org/10.1007/978-3-030-96308-8_120
Download citation
DOI: https://doi.org/10.1007/978-3-030-96308-8_120
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-96307-1
Online ISBN: 978-3-030-96308-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)