Title | Android Malware Detection Using Convolutional Neural Networks and Data Section Images |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Jung, Jaemin, Choi, Jongmoo, Cho, Seong-je, Han, Sangchul, Park, Minkyu, Hwang, Youngsup |
Conference Name | Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems |
Publisher | ACM |
ISBN Number | 978-1-4503-5885-9 |
Keywords | Android malware, CNN, data section, grayscale image, pubcrawl, Resiliency, Scalability, security, Stochastic computing |
Abstract | The paper proposes a new technique to detect Android malware effectively based on converting malware binaries into images and applying machine learning techniques on those images. Existing research converts the whole executable files (e.g., DEX files in Android application package) of target apps into images and uses them for machine learning. However, the entire DEX file (consisting of header section, identifier section, data section, optional link data area, etc.) might contain noisy information for malware detection. In this paper, we convert only data sections of DEX files into grayscale images and apply machine learning on the images with Convolutional Neural Networks (CNN). By using only the data sections for 5,377 malicious and 6,249 benign apps, our technique reduces the storage capacity by 17.5% on average compared to using the whole DEX files. We apply two CNN models, Inception-v3 and Inception-ResNet-v2, which are known to be efficient in image processing, and examine the effectiveness of our technique in terms of accuracy. Experiment results show that the proposed technique achieves better accuracy with smaller storage capacity than the approach using the whole DEX files. Inception-ResNet-v2 with the stochastic gradient descent (SGD) optimization algorithm reaches 98.02% accuracy. |
DOI | 10.1145/3264746.3264780 |
Citation Key | jung_android_2018 |