Abstract
With the rapid development of mobile internet, Android has become the most widely used mobile terminal operating system and play an increasingly important role in users’ lives. However, Android malware is also bringing privacy leaks and security threats that are causing troubles to third-party markets and users. What’s more, malware uses code obfuscation and camouflage to hide itself to avoid detection. Traditional malware detection techniques based on machine learning and feature matching are usually difficult to deal with this type of malware. Considering about this problem, an Android malware detection method based on app-image conversion is proposed, which maps the Android installation files to grayscale images, and employs the deep learning algorithm, CNN (Convolutional Neural Networks), for malware detection. A detection framework for Android malware is presented, which includes three parts: data set construction, app-image conversion, and deep learning detection. In the experiments, the parameters of CNN are determined through comparative analysis. It achieves the detection accuracy of 95.23%, which shows the effectiveness and feasibility of the proposed method.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Cai, H., Meng, N., Ryder, B., Yao, D.: Droidcat: effective android malware detection and categorization via app-level profiling. IEEE Trans. Inf. Foren. Secur. 14(6), 1455–1470 (2018)
Cen, L., Gates, C.S., Si, L., Li, N.: A probabilistic discriminative model for android malware detection with decompiled source code. IEEE Trans. Dependable Secur. Comput. 12(4), 400–412 (2014)
Chen, J., Wang, C., Zhao, Z., Chen, K., Du, R., Ahn, G.J.: Uncovering the face of android Ransomware: characterization and real-time detection. IEEE Trans. Inf. Foren. Secur. 13(5), 1286–1300 (2017)
Deng, L., Yu, D.: Deep convex net: A scalable architecture for speech pattern classification. In: Twelfth Annual Conference of the International Speech Communication Association (2011)
Enck, W., et al.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 1–29 (2014)
F-Secure: Trojan: andriod/droidkungfu.c. [EB/OL] (2020). https://www.f-secure.com/vdescs/trojan_android_droidkungfu_c.shtml
Fang, Z., Permission based android security: Permission based Android security: issues and countermeasures. Comput. Secur. 43, 205–218 (2014)
Fu, J., Xue, J., Wang, Y., Liu, Z., Shan, C.: Malware visualization for fine-grained classification. IEEE Access 6, 14510–14523 (2018)
Hou, S., Ye, Y., Song, Y., Abdulhayoglu, M.: Hindroid: an intelligent android malware detection system based on structured heterogeneous information network. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1507–1515 (2017)
IDC: Smartphone challenges continue in 2019. [EB/OL] (2019). https://www.idc.com/getdoc.jsp?containerId=prUS45487719
Kaspersky: Mobile malware evolution 2019. [EB/OL] (2020). https://securelist.com/mobile-malware-evolution-2019/96280
LeCun, Y., et al.: Backpropagation applied to handwritten zip code recognition. Neural Comput. 1(4), 541–551 (1989)
LeCun, Y., Bottou, L., Bengio, Y., Haffner, P.: Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278–2324 (1998)
Li, D., Zhao, L., Cheng, Q., Lu, N., Shi, W.: Opcode sequence analysis of android malware by a convolutional neural network. Concurr. Comput. Pract. Exp. 32(18), e5308 (2020)
McLaughlin, N., et al.: Deep android malware detection. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 301–308 (2017)
Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, pp. 1–7 (2011)
Peng, H., et al.: Using probabilistic generative models for ranking risks of android apps. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 241–252 (2012)
Poon, H., Domingos, P.: Sum-product networks: a new deep architecture. In: 2011 IEEE International Conference on Computer Vision Workshops (ICCV Workshops), pp. 689–690. IEEE (2011)
Vincent, P., Larochelle, H., Lajoie, I., Bengio, Y., Manzagol, P.A., Bottou, L.: Stacked denoising autoencoders: learning useful representations in a deep network with a local denoising criterion. J. Mach. Learn. Res. 11(12), 3371–3408 (2010)
Wang, W., Zhao, M., Wang, J.: Effective android malware detection with a hybrid model based on deep autoencoder and convolutional neural network. J. Ambient Intell. Humaniz. Comput. 10(8), 3035–3043 (2018). https://doi.org/10.1007/s12652-018-0803-6
Wei, F., Roy, S., Ou, X.: Amandroid: a precise and general inter-component data flow analysis framework for security vetting of android apps. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1329–1341 (2014)
Xu, K., Li, Y., Deng, R.H.: ICCDetector: ICC-based malware detection on android. IEEE Trans. Inf. Foren. Secur. 11(6), 1252–1264 (2016)
Zhandi, W.: Research and application of Android malware detection based on deep learning. Guizhou Normal University (2019)
Zhang, H., Xiao, X., Mercaldo, F., Ni, S., Martinelli, F., Sangaiah, A.K.: Classification of Ransomware families with machine learning based on n-gram of opcodes. Fut. Gener. Comput. Syst. 90, 211–221 (2019)
Zhang, J., Qin, Z., Yin, H., Ou, L., Hu, Y.: IRMD: malware variant detection using opcode image recognition. In: 2016 IEEE 22nd International Conference on Parallel and Distributed Systems (ICPADS), pp. 1175–1180. IEEE (2016)
Zhang, M., Duan, Y., Yin, H., Zhao, Z.: Semantics-aware android malware classification using weighted contextual api dependency graphs. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1105–1116 (2014)
Zhang, J., Chen, B., Gu, L.: Research on malware detection technology based on image analysis. Netinfo. Secur. 19(10), 24–31 (2019)
Acknowledgments
This work was supported in part by the 13th Five-Year Science and Technology Research Project of the Education Department of Jilin Province under Grant No. JJKH20200794KJ, the Innovation Fund of Changchun University of Science and Technology under Grant No. XJJLG-2018-09, the fund of Key Laboratory of Symbolic Computation and Knowledge Engineering of Ministry of Education (Jilin University) under Grant No. 93K172018K05.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Xie, N., Bai, H., Shi, Y., Wu, H. (2021). Android Malware Detection Method Based on App-Image Conversion. In: Tian, Y., Ma, T., Khan, M.K. (eds) Big Data and Security. ICBDS 2020. Communications in Computer and Information Science, vol 1415. Springer, Singapore. https://doi.org/10.1007/978-981-16-3150-4_6
Download citation
DOI: https://doi.org/10.1007/978-981-16-3150-4_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-3149-8
Online ISBN: 978-981-16-3150-4
eBook Packages: Computer ScienceComputer Science (R0)