Android malware detection based on multi-head squeeze-and-excitation residual network

The popularity and flexibility of the Android platform makes it the primary target of malicious attackers. The behaviors of malware, such as malicious charges and privacy theft, pose serious security threats to users. Permission granting, as the primary security scheme of Android, is a prerequisite...

Full description

Saved in:
Bibliographic Details
Published in:Expert systems with applications 2023-02, Vol.212, p.118705, Article 118705
Main Authors: Zhu, Hui-juan, Gu, Wei, Wang, Liang-min, Xu, Zhi-cheng, Sheng, Victor S.
Format: Article
Language:English
Subjects:
Android malware
Android security
Deep neural Network
Malware detection
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The popularity and flexibility of the Android platform makes it the primary target of malicious attackers. The behaviors of malware, such as malicious charges and privacy theft, pose serious security threats to users. Permission granting, as the primary security scheme of Android, is a prerequisite for performing dangerous operations on devices by invoking Application Programming Interfaces (APIs). Besides, permission and hardware features are jointly declared in the manifest file of an application (app) to guarantee its device compatibility. Thus, we extract permissions, API calls and hardware features to characterize apps. Furthermore, we design a novel architectural unit, Multi-Head Squeeze-and-Excitation Residual block (MSer), to learn the intrinsic correlation between features and recalibrating them from multiple perspectives. Based on these two works, we propose a new malware detection framework MSerNetDroid. To investigate the effectiveness of the proposed framework, we analyzed 2,126 malicious apps and 1,061 benign ones collected from VirusShare and Google Play Store. The assessment results demonstrate that the proposed model successful detects malware with an accuracy of 96.48%. We also compare the proposed method with the state-of-the-art approaches, including the use of diversity static features and various detection algorithms. These promising experimental results consistently show that MSerNetDroid is an effective way to detect Android malware.
ISSN:0957-4174
1873-6793
DOI:10.1016/j.eswa.2022.118705