skip to main content
research-article

A Survey of Android Malware Detection with Deep Neural Models

Published: 06 December 2020 Publication History

Abstract

Deep Learning (DL) is a disruptive technology that has changed the landscape of cyber security research. Deep learning models have many advantages over traditional Machine Learning (ML) models, particularly when there is a large amount of data available. Android malware detection or classification qualifies as a big data problem because of the fast booming number of Android malware, the obfuscation of Android malware, and the potential protection of huge values of data assets stored on the Android devices. It seems a natural choice to apply DL on Android malware detection. However, there exist challenges for researchers and practitioners, such as choice of DL architecture, feature extraction and processing, performance evaluation, and even gathering adequate data of high quality. In this survey, we aim to address the challenges by systematically reviewing the latest progress in DL-based Android malware detection and classification. We organize the literature according to the DL architecture, including FCN, CNN, RNN, DBN, AE, and hybrid models. The goal is to reveal the research frontier, with the focus on representing code semantics for Android malware detection. We also discuss the challenges in this emerging field and provide our view of future research opportunities and directions.

Supplementary Material

a126-qiu-suppl.pdf (qiu.zip)
Supplemental movie, appendix, image and software files for, A Survey of Android Malware Detection with Deep Neural Models

References

[1]
G Data CyberDefense AG. 2019. Mobile malware report—no let-up with Android malware. Retrieved from https://www.gdatasoftware.com/news/2019/07/35228-mobile-malware-report-no-let-up-with-android-malware.
[2]
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck. 2014. DREBIN: Effective and explainable detection of Android malware in your pocket. In Proceedings of the 21st Network and Distributed System Security Symposium (NDSS’14).
[3]
Jun Zhang, Yang Xiang, Yu Wang, Wanlei Zhou, Yong Xiang, and Yong Guan. 2013. Network traffic classification using correlation information. IEEE Trans. Parallel Distrib. Syst. 24, 1 (2013), 104--117.
[4]
Jun Zhang, Xiao Chen, Yang Xiang, Wanlei Zhou, and Jie Wu. 2015. Robust network traffic classification. IEEE/ACM Trans. Netw. 23, 4 (2015), 1257--1270.
[5]
Ziyun Zhu and Tudor Dumitras. 2016. Featuresmith: Automatically engineering features for malware detection by mining the security literature. In Proceedings of the 23rd ACM SIGSAC Conference on Computer and Communications Security. 767--778.
[6]
Carl Sabottke, Octavian Suciu, and Tudor Dumitras. 2015. Vulnerability disclosure in the age of social media: Exploiting Twitter for predicting real-world exploits. In Proceedings of the 24th USENIX Security Symposium. 1041--1056.
[7]
Alex Krizhevsky, Ilya Sutskever, and Geoffrey E. Hinton. 2012. ImageNet classification with deep convolutional neural networks. In Proceedings of the 26th Conference on Neural Information Processing Systems. 1106--1114.
[8]
Ilya Sutskever, Oriol Vinyals, and Quoc V. Le. 2014. Sequence to sequence learning with neural networks. In Proceedings of the 27th Conference on Neural Information Processing Systems. 3104--3112.
[9]
Dzmitry Bahdanau, Kyunghyun Cho, and Yoshua Bengio. 2015. Neural machine translation by jointly learning to align and translate. In Proceedings of the 3rd International Conference on Learning Representations.
[10]
Tom Young, Devamanyu Hazarika, Soujanya Poria, and Erik Cambria. 2018. Recent trends in deep learning based natural language processing. IEEE Comput. Intell. Mag. 13, 3 (2018), 55--75.
[11]
Rory Coulter, Qing-Long Han, Lei Pan, Jun Zhang, and Yang Xiang. 2020. Code analysis for intelligent cyber systems: A data-driven approach. Inf. Sci. 524 (2020), 46--58.
[12]
Guanjun Lin, Sheng Wen, Qing-Long Han, Jun Zhang, and Yang Xiang. 2020. Software vulnerability detection using deep neural networks: A survey. Proc. IEEE.
[13]
Yann LeCun, Yoshua Bengio, and Geoffrey E. Hinton. 2015. Deep learning. Nature 521, 7553 (2015), 436--444.
[14]
Shigang Liu, Guanjun Lin, Qing-Long Han, Sheng Wen, Jun Zhang, and Yang Xiang. 2019. DeepBalance: Deep-learning and fuzzy oversampling for vulnerability detection. IEEE Trans. Fuzz. Syst. 28, 7 (2019), 1329--1343.
[15]
Ke Xu, Yingjiu Li, Robert H. Deng, and Kai Chen. 2018. DeepRefiner: Multi-layer Android malware detection system applying deep neural networks. In Proceedings of the 3rd IEEE European Symposium on Security and Privacy. 473--487.
[16]
Sitalakshmi Venkatraman, Mamoun Alazab, and R. Vinayakumar. 2019. A hybrid deep learning image-based analysis for effective malware detection. J. Inf. Sec. Applic. 47 (2019), 377--389.
[17]
R. Vinayakumar, Mamoun Alazab, K. P. Soman, Prabaharan Poornachandran, and Sitalakshmi Venkatraman. 2019. Robust intelligent malware detection using deep learning. IEEE Access 7 (2019), 46717--46738.
[18]
Guanjun Lin, Jun Zhang, Wei Luo, Lei Pan, and Yang Xiang. 2017. POSTER: Vulnerability discovery with function representation learning from unlabeled projects. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 2539--2541.
[19]
Guanjun Lin, Jun Zhang, Wei Luo, Lei Pan, Yang Xiang, Olivier De Vel, and Paul Montague. 2018. Cross-project transfer representation learning for vulnerable function discovery. IEEE Trans. Industr. Inform. 14, 7 (2018), 3289--3297.
[20]
Guanjun Lin, Jun Zhang, Wei Luo, Lei Pan, Olivier De Vel, Paul Montague, and Yang Xiang. 2019. Software vulnerability discovery via learning multi-domain knowledge bases. IEEE Trans. Depend. Sec. Comput.
[21]
Carson D. Sestili, William S. Snavely, and Nathan M. VanHoudnos. 2018. Towards security defect prediction with AI. CoRR abs/1808.09897 (2018).
[22]
Nan Sun, Jun Zhang, Paul Rimba, Shang Gao, Yang Xiang, and Leo Yu Zhang. 2019. Data-driven cybersecurity incident prediction: A survey. IEEE Commun. Surv. Tutor. 21, 2 (2019), 1744--1772.
[23]
Liu Liu, Olivier De Vel, Qing-Long Han, Jun Zhang, and Yang Xiang. 2018. Detecting and preventing cyber insider threats: A survey. IEEE Commun. Surv. Tutor. 20, 2 (2018), 1397--1417.
[24]
Amara Dinesh Kumar, Harish Thodupunoori, R. Vinayakumar, K. P. Soman, Prabaharan Poornachandran, Mamoun Alazab, and Sitalakshmi Venkatraman. 2019. Enhanced domain generating algorithm detection based on deep neural networks. In Deep Learning Applications for Cyber Security. Springer, 151--173.
[25]
R. Vinayakumar, Mamoun Alazab, K. P. Soman, Prabaharan Poornachandran, Ameer Al-Nemrat, and Sitalakshmi Venkatraman. 2019. Deep learning approach for intelligent intrusion detection system. IEEE Access 7 (2019), 41525--41550.
[26]
Shigang Liu, Mahdi Dibaei, Yonghang Tai, Chao Chen, Jun Zhang, and Yang Xiang. 2019. Cyber vulnerability intelligence for internet of things binary. IEEE Trans. Industr. Inform. 16, 3 (2019), 2154--2163.
[27]
Shigang Liu, Guanjun Lin, Lizhen Qu, Jun Zhang, Olivier De Vel, Paul Montague, and Yang Xiang. 2020.CD-VulD: Cross-domain vulnerability discovery based on deep domain adaptation. IEEE Trans. Depend. Sec. Comput.
[28]
Saba Arshad, Munam Ali Shah, Abid Khan, and Mansoor Ahmed. 2016. Android malware detection 8 protection: A survey. Int. J. Adv. Comput. Sci. Applic. 7, 2 (2016), 463--475.
[29]
Bahman Rashidi and Carol J. Fung. 2015. A survey of Android security threats and defenses. J. Wirel. Mob. Netw. Ubiq. Comput. Depend. Applic. 6, 3 (2015), 3--35.
[30]
Li Li, Tegawendé F. Bissyandé, Mike Papadakis, Siegfried Rasthofer, Alexandre Bartel, Damien Octeau, Jacques Klein, and Le Traon. 2017. Static analysis of Android apps: A systematic literature review. Inf. Softw. Technol. 88 (2017), 67--95.
[31]
Kimberly Tam, Ali Feizollah, Nor Badrul Anuar, Rosli Salleh, and Lorenzo Cavallaro. 2017. The evolution of Android malware and Android analysis techniques. Comput. Surv. 49, 4 (2017), 76:1--76:41.
[32]
Parvez Faruki, Ammar Bharmal, Vijay Laxmi, Vijay Ganmoor, Manoj Singh Gaur, Mauro Conti, and Muttukrishnan Rajarajan. 2015. Android security: A survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 17, 2 (2015), 998--1022.
[33]
Ebtesam J. Alqahtani, Rachid Zagrouba, and Abdullah Almuhaideb. 2019. A survey on Android malware detection techniques using machine learning algorithms. In Proceedings of the 6th International Conference on Software Defined Systems. 110--117.
[34]
Alireza Souri and Rahil Hosseini. 2018. A state-of-the-art survey of malware detection approaches using data mining techniques. Hum.-centr. Comput. Inf. Sci. 8, 1 (2018), 3.
[35]
Abdelmonim Naway and Yuancheng Li. 2018. A review on the use of deep learning in Android malware detection. CoRR abs/1812.10360 (2018).
[36]
Nicolas Viennot, Edward Garcia, and Jason Nieh. 2014. A measurement study of Google Play. In Proceedings of the ACM International Conference on Measurement and Modeling of Computer Systems. 221--233.
[37]
Li Li, Jun Gao, Médéric Hurier, Pingfan Kong, Tegawendé F. Bissyandé, Alexandre Bartel, Jacques Klein, and Yves Le Traon. 2017. AndroZoo++: Collecting millions of Android apps and their metadata for the research community. CoRR abs/1709.05281 (2017).
[38]
Kevin Allix, Tegawendé F. Bissyandé, Jacques Klein, and Yves Le Traon. 2016. AndroZoo: Collecting millions of Android apps for the research community. In Proceedings of the 13th International Conference on Mining Software Repositories. 468--471.
[39]
Bradley Reaves, Jasmine Bowers, Sigmund Albert Gorski III, Olabode Anise, Rahul Bobhate, Raymond Cho, Hiranava Das, Sharique Hussain, Hamza Karachiwala, Nolen Scaife et al. 2016. * droid: Assessment and evaluation of Android application analysis tools. ACM Comput. Surv. 49, 3 (2016), 1--30.
[40]
William Enck, Machigar Ongtang, and Patrick D. McDaniel. 2009. On lightweight mobile phone application certification. In Proceedings of the 16th ACM Conference on Computer and Communications Security. 235--245.
[41]
Wei Yang, Xusheng Xiao, Benjamin Andow, Sihan Li, Tao Xie, and William Enck. 2015. Appcontext: Differentiating malicious and benign mobile app behaviors using context. In Proceedings of the IEEE/ACM 37th IEEE International Conference on Software Engineering, Vol. 1. IEEE, 303--313.
[42]
Kai Chen, Peng Wang, Yeonjoon Lee, XiaoFeng Wang, Nan Zhang, Heqing Huang, Wei Zou, and Peng Liu. 2015. Finding unknown malice in 10 seconds: Mass vetting for new threats at the Google-Play scale. In Proceedings of the 24th USENIX Security Symposium (USENIX Security’15). 659--674.
[43]
Haipeng Cai, Na Meng, Barbara Ryder, and Daphne Yao. 2018. Droidcat: Effective Android malware detection and categorization via app-level profiling. IEEE Trans. Inf. Forens. Sec. 14, 6 (2018), 1455--1470.
[44]
Junyang Qiu, Jun Zhang, Wei Luo, Lei Pan, Surya Nepal, Yu Wang, and Yang Xiang. 2019. A3CM: Automatic capability annotation for Android malware. IEEE Access 7 (2019), 147156--147168.
[45]
Fengguo Wei, Yuping Li, Sankardas Roy, Xinming Ou, and Wu Zhou. 2017. Deep ground truth analysis of current Android malware. In Proceedings of the 14th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. 252--276.
[46]
Marcos Sebastián, Richard Rivera, Platon Kotzias, and Juan Caballero. 2016. AVclass: A tool for massive malware labeling. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions, and Defenses. 230--253.
[47]
Sankardas Roy, Jordan DeLoach, Yuping Li, Nic Herndon, Doina Caragea, Xinming Ou, Venkatesh Prasad Ranganath, Hongmin Li, and Nicolais Guevara. 2015. Experimental study with real-world data for Android app security analysis using machine learning. In Proceedings of the 31st Computer Security Applications Conference. 81--90.
[48]
Niall McLaughlin, Jesús Martínez del Rincón, BooJoong Kang, Suleiman Y. Yerima, Paul C. Miller, Sakir Sezer, Yeganeh Safaei, Erik Trickel, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn. 2017. Deep Android malware detection. In Proceedings of the 7th ACM on Conference on Data and Application Security and Privacy. 301--308.
[49]
TonTon Hsien-De Huang and Hung-Yu Kao. 2018. R2-D2: ColoR-inspired convolutional neural network (CNN)-based Android malware detections. In Proceedings of the 6th IEEE International Conference on Big Data. 2633--2642.
[50]
Ignacio Arroyo-Fernández, Carlos-Francisco Méndez-Cruz, Gerardo Sierra, Juan-Manuel Torres-Moreno, and Grigori Sidorov. 2019. Unsupervised sentence representations as word information series: Revisiting TF-IDF. Comput. Speech Lang. 56 (2019), 107--129.
[51]
Piotr Bojanowski, Edouard Grave, Armand Joulin, and Tomas Mikolov. 2017. Enriching word vectors with subword information. Trans. Assoc. Comput. Ling. 5 (2017), 135--146.
[52]
Tomas Mikolov, Kai Chen, Greg Corrado, and Jeffrey Dean. 2013. Efficient estimation of word representations in vector space. In Proceedings of the 1st International Conference on Learning Representations.
[53]
Jeffrey Pennington, Richard Socher, and Christopher D. Manning. 2014. Glove: Global vectors for word representation. In Proceedings of the 19th Conference on Empirical Methods in Natural Language Processing. 1532--1543.
[54]
Jian Zhang, Xu Wang, Hongyu Zhang, Hailong Sun, Kaixuan Wang, and Xudong Liu. 2019. A novel neural source code representation based on abstract syntax tree. In Proceedings of the 41st International Conference on Software Engineering. 783--794.
[55]
Chao Yang, Zhaoyan Xu, Guofei Gu, Vinod Yegneswaran, and Phillip A. Porras. 2014. DroidMiner: Automated mining and characterization of fine-grained malicious behaviors in Android applications. In Proceedings of the 19th European Symposium on Research in Computer Security. 163--182.
[56]
Mehmet Ali Atici, Seref Sagiroglu, and Ibrahim Alper Dogru. 2016. Android malware analysis approach based on control flow graphs and machine learning algorithms. In Proceedings of the 4th IEEE International Symposium on Digital Forensic and Security. 26--31.
[57]
Fengguo Wei, Sankardas Roy, Xinming Ou, et al. 2014. Amandroid: A precise and general inter-component data flow analysis framework for security vetting of Android apps. In Proceedings of the 30th ACM SIGSAC Conference on Computer and Communications Security. 1329--1341.
[58]
Kevin Zhijie Chen, Noah M. Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Thomas R. Magrino, Edward XueJun Wu, Martin Rinard, and Dawn Xiaodong Song. 2013. Contextual policy enforcement in Android applications with permission event graphs. In Proceedings of the 20th Network and Distributed System Security Symposium (NDSS’13).
[59]
Joan Bruna, Wojciech Zaremba, Arthur Szlam, and Yann LeCun. 2014. Spectral networks and locally connected networks on graphs. In Proceedings of the 2nd International Conference on Learning Representations.
[60]
Thomas N. Kipf and Max Welling. 2017. Semi-supervised classification with graph convolutional networks. In Proceedings of the 5th International Conference on Learning Representations.
[61]
Shifu Hou, Yanfang Ye, Yangqiu Song, and Melih Abdulhayoglu. 2018. Make evasion harder: An intelligent Android malware detection system. In Proceedings of the 27th International Joint Conference on Artificial Intelligence. 5279--5283.
[62]
Shifu Hou, Yanfang Ye, Yangqiu Song, and Melih Abdulhayoglu. 2017. HinDroid: An intelligent Android malware detection system based on structured heterogeneous information network. In Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 1507--1515.
[63]
William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. 2014. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32, 2 (2014), 1--29.
[64]
Martina Lindorfer, Matthias Neugschwandtner, Lukas Weichselbaum, Yanick Fratantonio, Victor Van Der Veen, and Christian Platzer. 2014. Andrubis—1,000,000 apps later: A view on current Android malware behaviors. In Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS). IEEE, 3--17.
[65]
Pengbin Feng, Jianfeng Ma, Cong Sun, Xinpeng Xu, and Yuwan Ma. 2018. A novel dynamic Android malware detection system with ensemble learning. IEEE Access 6 (2018), 30996--31011.
[66]
Martina Lindorfer, Matthias Neugschwandtner, and Christian Platzer. 2015. Marvin: Efficient and comprehensive mobile app classification through static and dynamic analysis. In Proceedings of the IEEE 39th Computer Software and Applications Conference, Vol. 2. IEEE, 422--433.
[67]
Michael Spreitzenbarth, Felix Freiling, Florian Echtler, Thomas Schreck, and Johannes Hoffmann. 2013. Mobile-sandbox: Having a deeper look into Android applications. In Proceedings of the 28th ACM Symposium on Applied Computing. 1808--1815.
[68]
Daniel S. Berman, Anna L. Buczak, Jeffrey S. Chavis, and Cherita L. Corbett. 2019. A survey of deep learning methods for cyber security. Information 10, 4 (2019), 122.
[69]
Vivienne Sze, Yu-Hsin Chen, Tien-Ju Yang, and Joel S. Emer. 2017. Efficient processing of deep neural networks: A tutorial and survey. Proc. IEEE 105, 12 (2017), 2295--2329.
[70]
R. Vinayakumar, K. P. Soman, and Prabaharan Poornachandran. 2017. Deep Android malware detection and classification. In Proceedings of the 6th International Conference on Advances in Computing, Communications and Informatics. 1677--1683.
[71]
George Cybenko. 1989. Approximation by superpositions of a sigmoidal function. Math. Contr. Sig. Syst. 2, 4 (1989), 303--314.
[72]
Bharath Ramsundar and Reza Bosagh Zadeh. 2018. TensorFlow for Deep Learning: From Linear Regression to Reinforcement Learning. O’Reilly Media, Inc.
[73]
Dongfang Li, Zhaoguo Wang, and Yibo Xue. 2018. Fine-grained Android malware detection based on deep learning. In Proceedings of the IEEE Conference on Communications and Network Security. 1--2.
[74]
Kaiming He, Xiangyu Zhang, Shaoqing Ren, and Jian Sun. 2015. Delving deep into rectifiers: Surpassing human-level performance on imagenet classification. In Proceedings of the IEEE International Conference on Computer Vision. 1026--1034.
[75]
Jarrett Booz, Josh McGiff, William G. Hatcher, Wei Yu, James H. Nguyen, and Chao Lu. 2018. Tuning deep learning performance for Android malware detection. In Proceedings of the 19th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing. 140--145.
[76]
Kathrin Grosse, Nicolas Papernot, Praveen Manoharan, Michael Backes, and Patrick D. McDaniel. 2017. Adversarial examples for malware detection. In Proceedings of the 22nd European Symposium on Research in Computer Security. 62--79.
[77]
Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro. 2019. TESSERACT: Eliminating experimental bias in malware classification across space and time. In Proceedings of the 28th USENIX Security Symposium (USENIX Security’19). 729--746.
[78]
Abdelmonim Naway and Yuancheng Li. 2019. Using deep neural network for Android malware detection. CoRR abs/1904.00736 (2019).
[79]
Henry Dalziel and Ajin Abraham. 2015. Automated Security Analysis of Android and IOS Applications with Mobile Security Framework. Syngress.
[80]
Yoon Kim. 2014. Convolutional neural networks for sentence classification. In Proceedings of the 19th Conference on Empirical Methods in Natural Language Processing. 1746--1751.
[81]
Yanfang Ye, Shifu Hou, Lingwei Chen, Jingwei Lei, Wenqiang Wan, Jiabin Wang, Qi Xiong, and Fudong Shao. 2018. AiDroid: When heterogeneous information network marries deep neural network for real-time Android malware detection. CoRR abs/1811.01027 (2018).
[82]
Yanfang Ye, Shifu Hou, Lingwei Chen, Jingwei Lei, Wenqiang Wan, Jiabin Wang, Qi Xiong, and Fudong Shao. 2019. Out-of-sample node representation learning for heterogeneous graph in real-time Android malware detection. In Proceedings of the 28th International Joint Conference on Artificial Intelligence. 4150--4156.
[83]
Sheng-Jun Huang, Jia-Wei Zhao, and Zhao-Yang Liu. 2018. Cost-effective training of deep CNNs with active model adaptation. In Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery 8 Data Mining. 1580--1588.
[84]
Christian Szegedy, Wei Liu, Yangqing Jia, Pierre Sermanet, Scott E. Reed, Dragomir Anguelov, Dumitru Erhan, Vincent Vanhoucke, and Andrew Rabinovich. 2015. Going deeper with convolutions. In Proceedings of the 28th IEEE Conference on Computer Vision and Pattern Recognition. 1--9.
[85]
Zhiwu Xu, Kerong Ren, Shengchao Qin, and Florin Craciun. 2018. CDGDroid: Android malware detection based on deep learning using CFG and DFG. In Proceedings of the 20th International Conference on Formal Engineering Methods and Software Engineering. 177--193.
[86]
ElMouatez Billah Karbab, Mourad Debbabi, Abdelouahid Derhab, and Djedjiga Mouheb. 2018. MalDozer: Automatic framework for Android malware detection using deep learning. Dig. Invest. 24 (2018), S48--S59.
[87]
Tomas Mikolov, Ilya Sutskever, Kai Chen, Gregory S. Corrado, and Jeffrey Dean. 2013. Distributed representations of words and phrases and their compositionality. In Proceedings of the 27th Conference on Neural Information Processing Systems. 3111--3119.
[88]
Abhilash Hota and Paul Irolla. 2019. Deep neural networks for Android malware detection. In Proceedings of the 5th International Conference on Information Systems Security and Privacy. 657--663.
[89]
Quoc V. Le and Tomas Mikolov. 2014. Distributed representations of sentences and documents. In Proceedings of the 31st International Conference on Machine Learning. 1188--1196.
[90]
Edward Raff, Jon Barker, Jared Sylvester, Robert Brandon, Bryan Catanzaro, and Charles K. Nicholas. 2018. Malware detection by eating a whole EXE. In Proceedings of the Workshops of the 32nd AAAI Conference on Artificial Intelligence. 268--276.
[91]
Na Huang, Ming Xu, Ning Zheng, Tong Qiao, and Kim-Kwang Raymond Choo. 2019. Deep Android malware classification with API-based feature graph. In Proceedings of the 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering. 296--303.
[92]
Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N. Gomez, Lukasz Kaiser, and Illia Polosukhin. 2017. Attention is all you need. In Proceedings of the Conference on Advances in Neural Information Processing Systems. 5998--6008.
[93]
R. Vinayakumar, K. P. Soman, Prabaharan Poornachandran, and S. Sachin Kumar. 2018. Detecting Android malware using long short-term memory (LSTM). J. Intell. Fuzz. Syst. 34, 3 (2018), 1277--1288.
[94]
Rajvardhan Oak, Min Du, David Yan, Harshvardhan Takawale, and Idan Amit. 2019. Malware detection on highly imbalanced data through sequence modeling. In Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security. 37--48.
[95]
Tao Ban, Takeshi Takahashi, Shanqing Guo, Daisuke Inoue, and Koji Nakao. 2016. Integration of multi-modal features for Android malware detection using linear SVM. In Proceedings of the 11th Asia Joint Conference on Information Security. 141--146.
[96]
Diederik P. Kingma and Jimmy Ba. 2015. Adam: A method for stochastic optimization. In Proceedings of the 3rd International Conference on Learning Representations.
[97]
Hugo Gascon, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck. 2013. Structural detection of Android malware using embedded call graphs. In Proceedings of the ACM Workshop on Artificial Intelligence and Security. 45--54.
[98]
Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2018. BERT: Pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805 (2018).
[99]
Zhenlong Yuan, Yongqiang Lu, Zhaoguo Wang, and Yibo Xue. 2014. Droid-Sec: Deep learning in Android malware detection. In Proceedings of the ACM Conference on SIGCOMM. 371--372.
[100]
Shifu Hou, Aaron Saas, Yanfang Ye, and Lifei Chen. 2016. DroidDelver: An Android malware detection system using deep belief network based on API call blocks. In Proceedings of the International Workshops on the Web-age Information Management. 54--66.
[101]
Xin Su, Dafang Zhang, Wenjia Li, and Kai Zhao. 2016. A deep learning approach to Android malware feature learning and detection. In Proceedings of the IEEE Trustcom/BigDataSE/ISPA. 244--251.
[102]
Dali Zhu, Hao Jin, Ying Yang, Di Wu, and Weiyi Chen. 2017. DeepFlow: Deep learning-based malware detection by mining Android application for abnormal usage of sensitive data. In Proceedings of the 22nd IEEE Symposium on Computers and Communications. 438--443.
[103]
Shifu Hou, Aaron Saas, Lingwei Chen, Yanfang Ye, and Thirimachos Bourlai. 2017. Deep neural networks for automatic Android malware detection. In Proceedings of the IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining. 803--810.
[104]
Wenjia Li, Zi Wang, Juecong Cai, and Sihua Cheng. 2018. An Android malware detection approach using weight-adjusted deep learning. In Proceedings of the International Conference on Computing, Networking and Communications. 437--441.
[105]
Yousra Aafer, Wenliang Du, and Heng Yin. 2013. DroidAPIMiner: Mining API-level features for robust malware detection in Android. In Proceedings of the 9th International Conference on Security and Privacy in Communication Systems (SecureComm’13). 86--103.
[106]
Kai Zhao, Dafang Zhang, Xin Su, and Wenjia Li. 2015. Fest: A feature extraction and selection tool for Android malware detection. In Proceedings of the 20th IEEE Symposium on Computers and Communication. 714--720.
[107]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick D. McDaniel. 2014. FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation. 259--269.
[108]
Siegfried Rasthofer, Steven Arzt, and Eric Bodden. 2014. A machine-learning approach for classifying and categorizing Android sources and sinks. In Proceedings of the 21st Network and Distributed System Security Symposium (NDSS’14).
[109]
Yajin Zhou and Xuxian Jiang. 2012. Dissecting Android malware: Characterization and evolution. In Proceedings of the 33rd IEEE Symposium on Security and Privacy (S8P’12). 95--109.
[110]
Tieming Chen, Qingyu Mao, Mingqi Lv, Hongbing Cheng, and Yinglong Li. 2019. DroidVecDeep: Android malware detection based on word2vec and deep belief network. KSII Trans. Internet Inf. Syst. 13, 4 (2019), 2180--2197.
[111]
Gilles Louppe, Louis Wehenkel, Antonio Sutera, and Pierre Geurts. 2013. Understanding variable importances in forests of randomized trees. In Proceedings of the 27th Conference on Neural Information Processing Systems. 431--439.
[112]
Shifu Hou, Aaron Saas, Lifei Chen, and Yanfang Ye. 2016. Deep4MalDroid: A deep learning framework for Android malware detection based on Linux kernel system call graphs. In Proceedings of the IEEE/WIC/ACM International Conference on Web Intelligence Workshops. 104--111.
[113]
Nengqiang He, Tianqi Wang, Pingyang Chen, Hanbing Yan, and Zhengping Jin. 2018. An Android malware detection method based on deep autoencoder. In Proceedings of the Artificial Intelligence and Cloud Computing Conference. 88--93.
[114]
Abdelmonim Naway and Yuancheng Li. 2019. Android malware detection using autoencoder. CoRR abs/1901.07315 (2019).
[115]
Geoffrey E. Hinton, Simon Osindero, and Yee-Whye Teh. 2006. A fast learning algorithm for deep belief nets. Neural Comput. 18, 7 (2006), 1527--1554.
[116]
Li Chen, Mingwei Zhang, Chih-Yuan Yang, and Ravi Sahita. 2017. POSTER: Semi-supervised classification for dynamic Android malware detection. In Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security. 2479--2481.
[117]
Hiromu Yakura, Shinnosuke Shinozaki, Reon Nishimura, Yoshihiro Oyama, and Jun Sakuma. 2018. Malware analysis of imaged binary samples by convolutional neural network with attention mechanism. In Proceedings of the 8th ACM Conference on Data and Application Security and Privacy. 127--134.
[118]
William Younghoo Lee, Joshua Saxe, and Richard Harang. 2019. SeqDroid: Obfuscated Android malware detection using stacked convolutional and recurrent neural networks. In Deep Learning Applications for Cyber Security. Springer, 197--210.
[119]
Wei Wang, Mengxue Zhao, and Jigang Wang. 2019. Effective Android malware detection with a hybrid model based on deep autoencoder and convolutional neural network. J. Amb. Intell. Hum. Comput. 10, 8 (2019), 3035--3043.
[120]
Dali Zhu, Tong Xi, Pengfei Jing, Di Wu, Qing Xia, and Yiming Zhang. 2019. A transparent and multimodal malware detection method for Android apps. In Proceedings of the 22nd International ACM Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems. 51--60.
[121]
Shanshan Wang, Zhenxiang Chen, Qiben Yan, Ke Ji, Lin Wang, Bo Yang, and Mauro Conti. 2018. Deep and broad learning based detection of Android malware via network traffic. In Proceedings of the 26th IEEE/ACM International Symposium on Quality of Service. 1--6.
[122]
TaeGuen Kim, BooJoong Kang, Mina Rho, Sakir Sezer, and Eul Gyu Im. 2019. A multimodal deep learning method for Android malware detection using various features. IEEE Trans. Inf. Forens. Sec. 14, 3 (2019), 773--788.
[123]
Alexander Fonarev, Oleksii Hrinchuk, Gleb Gusev, Pavel Serdyukov, and Ivan V. Oseledets. 2017. Riemannian optimization for skip-gram negative sampling. In Proceedings of the 55th Meeting of the Association for Computational Linguistics. 2028--2036.
[124]
Vinod Nair and Geoffrey E. Hinton. 2010. Rectified linear units improve restricted Boltzmann machines. In Proceedings of the 27th International Conference on Machine Learning. 807--814.
[125]
Geoffrey E. Hinton, Oriol Vinyals, and Jeffrey Dean. 2015. Distilling the knowledge in a neural network. CoRR abs/1503.02531 (2015).
[126]
Marco Túlio Ribeiro, Sameer Singh, and Carlos Guestrin. 2016. “Why should I trust you?”: Explaining the predictions of any classifier. In Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 1135--1144.
[127]
Jia Deng, Wei Dong, Richard Socher, Li-Jia Li, Kai Li, and Li Fei-Fei. 2009. Imagenet: A large-scale hierarchical image database. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. IEEE, 248--255.
[128]
Yukun Zhu, Ryan Kiros, Rich Zemel, Ruslan Salakhutdinov, Raquel Urtasun, Antonio Torralba, and Sanja Fidler. 2015. Aligning books and movies: Towards story-like visual explanations by watching movies and reading books. In Proceedings of the IEEE International Conference on Computer Vision. 19--27.
[129]
Ishan Misra and Laurens van der Maaten. 2019. Self-supervised learning of pretext-invariant representations. arXiv preprint arXiv:1912.01991 (2019).
[130]
Seyed Mohammad Ghaffarian and Hamid Reza Shahriari. 2017. Software vulnerability analysis and discovery using machine-learning and data-mining techniques: A survey. Comput. Surv. 50, 4 (2017), 56.
[131]
Geoffrey I. Webb, Loong Kuan Lee, François Petitjean, and Bart Goethals. 2017. Understanding concept drift. CoRR abs/1704.00362 (2017).
[132]
Fei Zuo, Xiaopeng Li, Patrick Young, Lannan Luo, Qiang Zeng, and Zhexin Zhang. 2019. Neural machine translation inspired binary code similarity comparison beyond function pairs. In Proceedings of the 26th Network and Distributed System Security Symposium (NDSS’19).
[133]
Zhilin Yang, Zihang Dai, Yiming Yang, Jaime G. Carbonell, Ruslan Salakhutdinov, and Quoc V. Le. 2019. XLNet: Generalized autoregressive pretraining for language understanding. CoRR abs/1906.08237 (2019).
[134]
Rory Coulter, Qing-Long Han, Lei Pan, Jun Zhang, and Yang Xiang. 2020. Data-driven cyber security in perspective--intelligent traffic analysis. IEEE Trans. Cyber. 50, 7 (2020), 3081--3093.
[135]
Xiaoyong Yuan, Pan He, Qile Zhu, and Xiaolin Li. 2019. Adversarial examples: Attacks and defenses for deep learning. IEEE Trans. Neural Netw. Learn. Syst. 30, 9 (2019), 2805--2824.
[136]
Xiao Chen, Chaoran Li, Derui Wang, Sheng Wen, Jun Zhang, Surya Nepal, Yang Xiang, and Kui Ren. 2020. Android HIV: A study of repackaging malware for evading machine-learning detection. IEEE Trans. Inf. Forens. Sec. 15, 1 (2020), 987--1001.
[137]
Marco Barreno, Blaine Nelson, Russell Sears, Anthony D. Joseph, and J. Doug Tygar. 2006. Can machine learning be secure? In Proceedings of the ACM Symposium on Information, Computer and Communications Security. 16--25.
[138]
Lingwei Chen, Shifu Hou, and Yanfang Ye. 2017. SecureDroid: Enhancing security of machine learning-based detection against adversarial Android malware attacks. In Proceedings of the 33rd Computer Security Applications Conference. 362--372.
[139]
Sen Chen, Minhui Xue, Lingling Fan, Shuang Hao, Lihua Xu, Haojin Zhu, and Bo Li. 2018. Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach. Comput. Sec. 73 (2018), 326--344.
[140]
Nicolas Papernot, Patrick D. McDaniel, Xi Wu, Somesh Jha, and Ananthram Swami. 2016. Distillation as a defense to adversarial perturbations against deep neural networks. In Proceedings of the 37th IEEE Symposium on Security and Privacy (S8P’16). 582--597.
[141]
Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian J. Goodfellow, and Rob Fergus. 2014. Intriguing properties of neural networks. In Proceedings of the 2nd International Conference on Learning Representations.
[142]
Wenbo Guo, Dongliang Mu, Jun Xu, Purui Su, Gang Wang, and Xinyu Xing. 2018. LEMNA: Explaining deep learning based security applications. In Proceedings of the 25th ACM SIGSAC Conference on Computer and Communications Security. 364--379.
[143]
Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, and Xuxian Jiang. 2012. Riskranker: Scalable and accurate zero-day Android malware detection. In Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services. 281--294.
[144]
Jin-Young Kim, Seok-Jun Bu, and Sung-Bae Cho. 2018. Zero-day malware detection using transferred generative adversarial networks based on deep autoencoders. Inf. Sci. 460 (2018), 83--102.

Cited By

View all
  • (2025)Advanced Android Malware Detection: Merging Deep Learning and XGBoost TechniquesBilişim Teknolojileri Dergisi10.17671/gazibtd.155354818:1(45-61)Online publication date: 31-Jan-2025
  • (2025)InforTest: Informer-Based Testing for Applications in the Internet of Robotic ThingsIEEE Transactions on Industrial Informatics10.1109/TII.2024.348570721:2(1499-1507)Online publication date: Feb-2025
  • (2025)FABLDroid: Malware detection based on hybrid analysis with factor analysis and broad learning methods for android applicationsEngineering Science and Technology, an International Journal10.1016/j.jestch.2024.10194562(101945)Online publication date: Feb-2025
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys
ACM Computing Surveys  Volume 53, Issue 6
Invited Tutorial and Regular Papers
November 2021
803 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/3441629
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 December 2020
Accepted: 01 August 2020
Revised: 01 July 2020
Received: 01 January 2020
Published in CSUR Volume 53, Issue 6

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Android malware
  2. deep learning
  3. feature representation
  4. machine learning
  5. malware detection
  6. neural network

Qualifiers

  • Research-article
  • Research
  • Refereed

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)559
  • Downloads (Last 6 weeks)33
Reflects downloads up to 17 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2025)Advanced Android Malware Detection: Merging Deep Learning and XGBoost TechniquesBilişim Teknolojileri Dergisi10.17671/gazibtd.155354818:1(45-61)Online publication date: 31-Jan-2025
  • (2025)InforTest: Informer-Based Testing for Applications in the Internet of Robotic ThingsIEEE Transactions on Industrial Informatics10.1109/TII.2024.348570721:2(1499-1507)Online publication date: Feb-2025
  • (2025)FABLDroid: Malware detection based on hybrid analysis with factor analysis and broad learning methods for android applicationsEngineering Science and Technology, an International Journal10.1016/j.jestch.2024.10194562(101945)Online publication date: Feb-2025
  • (2025)RAX-ClaMal: Dynamic Android malware classification based on RAX register valuesInternet of Things10.1016/j.iot.2024.10148230(101482)Online publication date: Mar-2025
  • (2025)CNN-ViT synergy: An efficient Android malware detection approach through deep learningComputers and Electrical Engineering10.1016/j.compeleceng.2024.110039123(110039)Online publication date: Apr-2025
  • (2025)Andro-BCFL: Blockchain and federated learning based Android malware detectionComputers and Electrical Engineering10.1016/j.compeleceng.2024.109948122(109948)Online publication date: Mar-2025
  • (2025)GBADroid: an Android malware detection method based on multi-view feature fusionThe Journal of Supercomputing10.1007/s11227-025-06977-681:3Online publication date: 14-Feb-2025
  • (2024)CSMC: A Secure and Efficient Visualized Malware Classification Method Inspired by Compressed SensingSensors10.3390/s2413425324:13(4253)Online publication date: 30-Jun-2024
  • (2024)Explainable Machine Learning for Malware Detection on Android ApplicationsInformation10.3390/info1501002515:1(25)Online publication date: 1-Jan-2024
  • (2024)Behavioral Analysis of Android Riskware Families Using Clustering and Explainable Machine LearningBig Data and Cognitive Computing10.3390/bdcc81201718:12(171)Online publication date: 26-Nov-2024
  • Show More Cited By

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format.

HTML Format

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media