Abstract
Mobile applications are the most popular medium for delivering software services to the masses nowadays. In the cyber and virtual world, the security of mobile applications has become a critical issue today. Android is the most used operating system. We reviewed various attacks and maliciousness detection research works and found that permissions alone are not capable of discovering malicious intents of mobile applications. Here, we propose an LSTM network-based classification approach to make use of opcode sequences to investigate the maliciousness of mobile applications. We achieved an accuracy of 0.99 and an F1-score of 0.72, which shows the effectiveness of opcodes sequences to detect Android applications’ maliciousness.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Talha KA, Alper DI, Aydin C (2015) APK auditor: Permission-based Android malware detection system. Digit Investig 13:1–14. https://doi.org/10.1016/j.diin.2015.01.001
Sun L, Li Z, Yan Q, Srisa-an W, Pan Y (2016) SigPID: significant permission identification for Android malware detection. In: 2016 11th International Conference on Malicious and Unwanted Software (MALWARE). IEEE, pp 1–8. https://doi.org/10.1109/MALWARE.2016.7888730
Mahindru A, Singh P (2017) Dynamic permissions based Android malware detection using machine learning techniques. In: Proceedings of the 10th innovations in software engineering conference, pp 202–210. https://doi.org/10.1145/3021460.3021485
Bezobrazov S, Sachenko A, Komar M, Rubanau V (2015) Artificial immune system for Android OS. In: Proceedings of the 2015 IEEE 8th international conference on intelligent data acquisition and advanced computing systems: technology and applications. IDAACS 2015, vol 1, pp 403–407. https://doi.org/10.1109/IDAACS.2015.7340767
Sokolova K, Perez C, Lemercier M (2017) Android application classification and anomaly detection with graph-based permission patterns. Decis Support Syst 93:62–76. https://doi.org/10.1016/j.dss.2016.09.006
Xiong P, Wang X, Niu W, Zhu T, Li G (2014) Android malware detection with contrasting permission patterns. China Commun 11:1–14. https://doi.org/10.1109/CC.2014.6911083
Wang W, Wang X, Feng D, Liu J, Han Z, Zhang X (2014) Exploring permission-induced risk in Android applications for malicious application detection. IEEE Trans Inf Forensics Secur 9:1869–1882. https://doi.org/10.1109/TIFS.2014.2353996
Yerima SY, Sezer S, McWilliams G, Muttik I (2013) A new Android malware detection approach using Bayesian classification. In: 2013 IEEE 27th international conference on advanced information networking and applications, pp 121–128. https://doi.org/10.1109/AINA.2013.88
McWilliams G, Sezer S, Yerima SY (2014) Analysis of Bayesian classification-based approaches for Android malware detection. IET Inf Secur 8:25–36. https://doi.org/10.1049/iet-ifs.2013.0095
Yerima SY, Sezer S, Muttik I (2014) Android malware detection using parallel machine learning classifiers. In: 2014 8th international conference on next generation mobile apps, services and technologies, pp 37–42. https://doi.org/10.1109/NGMAST.2014.23
Peiravian N, Zhu X (2013) Machine learning for Android malware detection using permission and API calls. In: Proceedings-International conference on tools with artificial intelligence. ICTAI, pp 300–305. https://doi.org/10.1109/ICTAI.2013.53
Zeng H, Ren Y, Wang QX, He NQ, Ding XY (2014) Detecting malware and evaluating risk of app using Android permission-API system. In: 2014 11th international computer conference on wavelet active media technology information process. ICCWAMTIP 2014, pp 440–443. https://doi.org/10.1109/ICCWAMTIP.2014.7073445
Chan PPK, Song WK (2014) Static detection of Android malware by using permissions and API calls. In: Proceedings-International conference on machine learning and cybernetics, vol 1, pp 82–87. https://doi.org/10.1109/ICMLC.2014.7009096
Cen L, Gates CS, Si L, Li N (2015) A probabilistic discriminative model for Android malware detection with decompiled source code. IEEE Trans Dependable Secur Comput 12:400–412. https://doi.org/10.1109/TDSC.2014.2355839
Qiao M, Sung AH, Liu Q (2016) Merging permission and api features for Android malware detection. In: Proceedings-2016 5th IIAI international congress on advanced applied informatics, IIAI-AAI 2016, pp 566–571. https://doi.org/10.1109/IIAI-AAI.2016.237
Tao G, Zheng Z, Guo Z, Lyu MR (2017) MalPat: mining patterns of malicious and benign Android apps via permission-related APIs. IEEE Trans Reliab 1–15. https://doi.org/10.1109/TR.2017.2778147
Onwuzurike L, Mariconti E, Andriotis P, De Cristofaro E, Ross G, Stringhini G (2017) MaMaDroid: detecting Android malware by building markov chains of behavioral models (extended version). https://doi.org/10.14722/ndss.2017.23353
Sahs J, Khan L (2012) A machine learning approach to Android malware detection. In: 2012 European intelligence and security informatics conference, pp 141–147. https://doi.org/10.1109/EISIC.2012.34
Canfora G, Mercaldo F, Visaggio CA (2013) A classifier of malicious Android applications. In: Proceedings-2013 2013 International conference on availability, reliability and security ARES 2013, pp 607–614. https://doi.org/10.1109/ARES.2013.80
Aung Z, Zaw W (2013) Permission-based Android malware detection. Int J Sci Technol Res 2
Yuan Z, Lu Y, Wang Z, Xue Y (2015) Droid-Sec: deep learning in Android malware detection. Comput Commun Rev 44:371–372. https://doi.org/10.1145/2619239.2631434
Idrees F, Rajarajan M (2014) Investigating the Android intents and permissions for malware detection. In: International conference on wireless and mobile computing, networking and communications, pp 354–358. https://doi.org/10.1109/WiMOB.2014.6962194
Feldman S, Stadther D, Wang B (2015) Manilyzer: automated Android malware detection through manifest analysis. In: Proceedings-11th IEEE international conference on mobile ad hoc and sensor systems MASS 2014, pp 767–772. https://doi.org/10.1109/MASS.2014.65
Su MY, Fung KT (2016) Detection of Android malware by static analysis on permissions and sensitive functions. In: International conference on ubiquitous and future networks, ICUFN, 2016-August, pp 873–875. https://doi.org/10.1109/ICUFN.2016.7537161
Kang BJ, Yerima SY, McLaughlin K, Sezer S (2016) N-opcode analysis for Android malware classification and categorization. In: 2016 international conference on cyber security and protection of digital services, cyber security 2016, pp 13–14. https://doi.org/10.1109/CyberSecPODS.2016.7502343
Wang W, Li Y, Wang X, Liu J, Zhang X (2018) Detecting Android malicious apps and categorizing benign apps with ensemble of classifiers. Futur Gener Comput Syst 78:987–994. https://doi.org/10.1016/J.FUTURE.2017.01.019
Milosevic N, Dehghantanha A, Choo KKR (2017) Machine learning aided Android malware classification. Comput Electr Eng 61:266–274. https://doi.org/10.1016/j.compeleceng.2017.02.013
Yang M, Wang S, Ling Z, Liu Y, Ni Z (2017) Detection of malicious behavior in Android apps through API calls and permission uses analysis. Concurr Comput Pract Exp 29:e4172. https://doi.org/10.1002/cpe.4172
Narayanan A, Chandramohan M, Chen L, Liu Y (2017) A multi-view context-aware approach to Android malware detection and malicious code localization. Empir Softw Eng 1–53. https://doi.org/10.1007/s10664-017-9539-8
Li Y, Jang J, Hu X, Ou X (2017) Android malware clustering through malicious payload mining. Lecture notes in computer science (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics). 10453 LNCS, pp 192–214. https://doi.org/10.1007/978-3-319-66332-6_9
Shen F, Del Vecchio J, Mohaisen A, Ko SY, Ziarek L (2017) Android malware detection using complex-flows. In: 2017 IEEE 37th international conference on distributed computing systems, pp 2430–2437. https://doi.org/10.1109/ICDCS.2017.190
Martinelli F, Mercaldo F, Saracino A (2017) BRIDEMAID: an hybrid tool for accurate detection of Android malware. In: Proc. 2017 ACM Asia conference on computer and communications security-ASIA CCS’17, pp 899–901. https://doi.org/10.1145/3052973.3055156
Zhu D, Jin H, Yang Y, Wu D, Chen W (2017) DeepFlow: deep learning-based malware detection by mining Android application for abnormal usage of sensitive data. In: Proceedings-IEEE symposium on computers and communications, pp 438–443. https://doi.org/10.1109/ISCC.2017.8024568
Varsha MV, Vinod P, Dhanya KA (2017) Identification of malicious Android app using manifest and opcode features. J Comput Virol Hacking Tech 13:125–138. https://doi.org/10.1007/s11416-016-0277-z
Apktool-A tool for reverse engineering 3rd party, closed, binary Android apps. https://ibotpeaches.github.io/Apktool/. Accessed 29 Nov 2020
Dalvik opcodes. http://pallergabor.uw.hu/androidblog/dalvik_opcodes.html. Accessed 29 Nov 2020
Dalvik bytecode|Android Open Source Project. https://source.android.com/devices/tech/dalvik/dalvik-bytecode. Accessed 29 Nov 2020
Hochreiter S, Urgen Schmidhuber J (1997) Long short-term memory. Neural Comput 9:1735–1780
Deeplearning4j: Open-source, Distributed Deep Learning for the JVM. https://deeplearning4j.org/. Accessed 29 Nov 2020
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Malviya, V.K., Gupta, A. (2021). Deep-Learning-based Malicious Android Application Detection. In: Bajpai, M.K., Kumar Singh, K., Giakos, G. (eds) Machine Vision and Augmented Intelligence—Theory and Applications. Lecture Notes in Electrical Engineering, vol 796. Springer, Singapore. https://doi.org/10.1007/978-981-16-5078-9_24
Download citation
DOI: https://doi.org/10.1007/978-981-16-5078-9_24
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-5077-2
Online ISBN: 978-981-16-5078-9
eBook Packages: Computer ScienceComputer Science (R0)