Abstract
Android system is used by a large number of people due to its good operating experience. Following this, the number of malware has risen sharply, and security problems have become more serious. Program analysis technology combined with deep learning to identify malicious applications has become a research central. Most of the existing malware identification frameworks are deployed in the cloud due to the scale and complexity of their models. However, its functions are limited due to network delays, bandwidth, and user privacy information will be leaked. In this paper, we propose a dynamic malware identification framework for mobile terminals. The framework has a customized lightweight deep learning model and we use knowledge distillation to optimize the model. This method effectively avoids the leakage of user privacy due to deployment on mobile devices, and can effectively classify applications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
O’Dea, S.: Smartphone OS shipment market share worldwide 2020–2025 [EB/OL]. https://www.idc.com. Accessed 8 July 2021
iJiami. National mobile app security situation research report [EB/OL]. https://www.freebuf.com/articles/network/235337.html. Accessed 8 July 2021
Wang, W., Zhao, M., Wang, J.: Effective android malware detection with a hybrid model based on deep autoencoder and convolutional neural network. J. Ambient. Intell. Humaniz. Comput. 10(8), 3035–3043 (2018). https://doi.org/10.1007/s12652-018-0803-6
Luo, S., Liu, Z., Ni, B., Wang, H., Sun, H., Yuan, Y.: Android malware analysis and detection based on attention-CNN-LSTM. J. Comput. 14(1), 31–44 (2019)
Xin, S., Shi, W., Xilong, Q., Zheng, Y., Liu, X.: DroidDeep: using deep belief network to characterize and detect android malware. Soft Comput. 24, 1–14 (2020). https://doi.org/10.1007/s00500-019-04589-w
Fan, M., Liu, J., Wang, W., Li, H., Tian, Z., Liu, T.: DAPASA: detecting android piggybacked apps through sensitive subgraph analysis. IEEE Trans. Inf. Forensics Secur. 12(8), 1772–1785 (2017)
Martín, A., Fuentes-Hurtado, F., Naranjo, V., Camacho, D.: Evolving deep neural networks architectures for android malware classification. In: 2017 IEEE Congress on Evolutionary Computation (CEC), pp. 1659–1666. IEEE (2017)
Faruki, P., Buddhadev, B., Shah, B., Zemmari, A., Laxmi, V., Gaur, M.S.: DroidDivesDeep: android malware classification via low level monitorable features with deep neural networks. In: Nandi, S., Jinwala, D., Singh, V., Laxmi, V., Gaur, M.S., Faruki, P. (eds.) ISEA-ISAP 2019. CCIS, vol. 939, pp. 125–139. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-7561-3_10
Yeh, C.W., Yeh, W.T., Hung, S.H., Lin, C.T.: Flattened data in convolutional neural networks: Using malware detection as case study. In: Proceedings of the International Conference on Research in Adaptive and Convergent Systems, pp. 130–135 (2016)
Feng, P., Ma, J., Sun, C., Xinpeng, X., Ma, Y.: A novel dynamic android malware detection system with ensemble learning. IEEE Access 6, 30996–31011 (2018)
Fasano, F., Martinelli, F., Mercaldo, F., Santone, A.: Energy consumption metrics for mobile device dynamic malware detection. Procedia Comput. Sci. 159, 1045–1052 (2019)
Ferrante, A., Medvet, E., Mercaldo, F., Milosevic, J., Visaggio, C.A.: Spotting the malicious moment: characterizing malware behavior using dynamic features. In: 2016 11th International Conference on Availability, Reliability and Security (ARES), pp. 372–381. IEEE (2016)
Martinelli, F., Mercaldo, F., Saracino, A.: Bridemaid: an hybrid tool for accurate detection of android malware. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 899–901 (2017)
Xiao, X., Zhang, S., Mercaldo, F., Hu, G., Sangaiah, A.K.: Android malware detection based on system call sequences and LSTM. Multimed. Tools Appl. 78(4), 3979–3999 (2019). https://doi.org/10.1007/s11042-017-5104-0
Gharib, A., Ghorbani, A.: DNA-Droid: a real-time android ransomware detection framework. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds.) NSS 2017. LNCS, vol. 10394, pp. 184–198. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-64701-2_14
Zhu, D., Xi, T., Jing, P., Wu, D., Xia, Q., Zhang, Y.: A transparent and multimodal malware detection method for android apps. In: Proceedings of the 22nd International ACM Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems, pp. 51–60 (2019)
Li, D., Zhao, L., Cheng, Q., Ning, L., Shi, W.: Opcode sequence analysis of android malware by a convolutional neural network. Concurr. Comput.: Pract. Exp. 32(18), e5308 (2020)
Vasan, D., Alazab, M., Wassan, S., Naeem, H., Safaei, B., Zheng, Q.: IMCFN: image-based malware classification using fine-tuned convolutional neural network architecture. Comput. Netw. 171, 107138 (2020)
Nauman, M., Tanveer, T.A., Khan, S., Syed, T.A.: Deep neural architectures for large scale android malware analysis. Cluster Comput. 21(1), 569–588 (2018). https://doi.org/10.1007/s10586-017-0944-y
Xiao, X., Wang, Z., Li, Q., Xia, S., Jiang, Y.: Back-propagation neural network on Markov chains from system call sequences: a new approach for detecting android malware with system call sequences. IET Inf. Secur. 11(1), 8–15 (2016)
Hinton, G., Vinyals, O., Dean, J.: Distilling the knowledge in a neural network (2015)
Vaswani, A., et al.: Attention is all you need (2017)
Schuster, M., Paliwal, K.K.: Bidirectional recurrent neural networks. IEEE Trans. Signal Process. 45(11), 2673–2681 (1997)
Mahdavifar, S., Kadir, A.F.A., Fatemi, R., Alhadidi, D., Ghorbani, A.A.: Dynamic android malware category classification using semi-supervised deep learning. In: 2020 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pp. 515–522. IEEE (2020)
Lashkari, A.H., Kadir, A.F.A., Taheri, L., Ghorbani, A.A.: Toward developing a systematic approach to generate benchmark android malware datasets and classification. In: 2018 International Carnahan Conference on Security Technology (ICCST), pp. 1–7. IEEE (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhi, Y., Xi, N., Liu, Y., Hui, H. (2021). A Lightweight Android Malware Detection Framework Based on Knowledge Distillation. In: Yang, M., Chen, C., Liu, Y. (eds) Network and System Security. NSS 2021. Lecture Notes in Computer Science(), vol 13041. Springer, Cham. https://doi.org/10.1007/978-3-030-92708-0_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-92708-0_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92707-3
Online ISBN: 978-3-030-92708-0
eBook Packages: Computer ScienceComputer Science (R0)