Skip to main content
SpringerLink
Log in

EfficientNet deep learning meta-classifier approach for image-based android malware detection

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

A survey of literature shows that transforming the application files into images and employing deep learning-based models for image classification has been considered as one of the significant directions for malware detection and classification. Mainly, convolutional neural networks (CNN)-based models are successfully employed for Android malware detection and classification. This is mainly due to the reason that this type of malware detection and classification approach is platform independent and has the capability to detect metamorphic and polymorphic malware. The Image-based Android malware detection is resilient to both unpacked and packed malware. Following, this work employs various 26 CNN-based pretrained models and the detailed investigation and analysis of experiments are shown on the Image-based Android malware dataset. Each of these models have the capability to extract its own optimal features and these features are distinct to each other. The penultimate layer features of best performed CNN-based pretrained models are extracted and dimensionality of the features were reduced using kernel principal component analysis (KPCA). The reduced features were fused together and passed into a meta-classifier or stacked classifier for classification. This classifier has two levels; in the first level support vector machine (SVM) and random forest (RForest) machine learning classifier were included for prediction and logistic regression in the second level for classification. The four combinations of fused models are DenseNet, ResNet, InceptionResNet, and EfficientNet. EfficientNet-based fused models showed better performances compared to other fused models and non-fused CNN-based pretrained models. Moreover, the EfficientNet-based fused models outperformed the existing approaches for Android malware detection. All the model performances were shown on two different testing datasets and the proposed model has shown the similar performances on both the testing datasets with attaining better performances during training and testing. This indicates that the proposed model is more generalizable, robust, and it can be used as tool that can be deployed in any application play store.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Algorithm 1
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Data Availability Statement

Data will be made available on reasonable request

Code Availability

Programming codes implemented in this study are available from the first author upon request.

Notes

  1. https://www.tensorflow.org/

  2. https://keras.io/

  3. https://scikit-learn.org/

  4. https://colab.research.google.com

References

  1. Android Malware (2021) Volume statistics, 16 March 2021. https://www.statista.com/statistics/680705/global-android-malware-volume/

  2. Arslan RS, Amd-cnn MT (2022) Android malware detection via feature graph and convolutional neural networks. Concurrency Computat Pract Experience, p e7180

  3. Awotunde JB, Ajagbe SA, Oladipupo MA, Awokola JA, Afolabi OS, Mathew TO, Oguns YJ (2021) An improved machine learnings diagnosis technique for covid-19 pandemic using chest x-ray images. In: International conference on applied informatics. Springer, pp 319–330

  4. Bakour K, Ünver HM (2020) Visdroid: android malware classification based on local and global image features, bag of visual words and machine learning techniques. Neural Comput Appl:1–21

  5. Bakour K, Ünver HM (2021) Deepvisdroid: android malware detection by hybridizing image-based features with deep learning techniques. Neural Comput Appl 33(18):11499–11516

    Article  Google Scholar 

  6. Chen H, Du R, Liu Z, Xu H (2018) Android malware classification using xgboost based on images patterns. In: 2018 IEEE 4th information technology and mechatronics engineering conference (ITOEC). IEEE, pp 1358–1362

  7. Dai Y, Li H, Qian Y, Lu X (2018) A malware classification method based on memory dump grayscale image. Digit Investig 27:30–37

    Article  Google Scholar 

  8. Darus FM, Ahmad NA, Mohd Ariffin AF (2019) Android malware classification using xgboost on data image pattern. In: 2019 IEEE international conference on internet of things and intelligence system (iotaIS). IEEE, pp 118–122

  9. Darus FM, Salleh NAA, Mohd Ariffin AF (2018) Android malware detection using machine learning on image patterns. In: 2018 Cyber resilience conference (CRC). IEEE, pp 1–2

  10. De Oliveira AS, Sassi RJ (2020) Chimera: an android malware detection method based on multimodal deep learning and hybrid analysis

  11. Ding Y, Wu R, Xue F (2018) Detecting android malware using bytecode image. In: International conference on cognitive computing. Springer, pp 164–169

  12. Ding Y, Zhang X, Hu J, Xu W (2020) Android malware detection method based on bytecode image. J Ambient Intell Humanized Comput:1–10

  13. Galov N (2021) 21+ Exciting android statistics to keep your eyes on in 2021

  14. Gu S, Cheng S, Zhang W (2020) From image to code: executable adversarial examples of android applications. In: Proceedings of the 2020 6th international conference on computing and artificial intelligence, pp 261–268

  15. Guerra-Manzanares A, Bahsi H (2022) On the relativity of time: implications and challenges of data drift on long-term effective android malware detection. Comput Secur, p 102835

  16. Guerra-Manzanares A, Valbe M (2022) Cross-device behavioral consistency: benchmarking and implications for effective android malware detection. Mach Learn Appl, p 100357

  17. He P, Gan G (2020) Android malicious app detection based on cnn deep learning algorithm. In: IOP conference series: earth and environmental science. IOP publishing, vol 428, pp 012061

  18. Huang W, Hou E, Zheng L, Feng W (2018) Mixdroid: a multi-features and multi-classifiers bagging system for android malware detection. In: AIP conference proceedings. AIP publishing LLC, vol 1967, pp 020015

  19. Huang TH-D, Kao H-Y (2018) R2-d2: color-inspired convolutional neural network (cnn)-based android malware detections. In: 2018 IEEE international conference on big data (big data). IEEE, pp 2633–2642

  20. Jerbi M, Dagdia ZC, Bechikh S, Said LB (2022) Android malware detection as a bi-level problem. Comput Secur 121:102825

    Article  Google Scholar 

  21. Jung J, Choi J, Cho S-J, Han S, Park M, Hwang Y (2018) Android malware detection using convolutional neural networks and data section images. In: Proceedings of the 2018 conference on research in adaptive and convergent systems, pp 149–153

  22. Kumar A, Pramod Sagar K, Kuppusamy KS, Aghila G (2016) Machine learning based malware classification for android applications using multimodal image representations. In: 2016 10th International conference on intelligent systems and control (ISCO). IEEE, pp 1–6

  23. Kumar TA, Rajmohan R, Pavithra M, Ajagbe SA, Hodhod R, Gaber T (2022) Automatic face mask detection system in public transportation in smart cities using iot and deep learning. Electronics 11(6):904

    Article  Google Scholar 

  24. Lachtar N, Ibdah D, Bacha A (2020) Towards mobile malware detection through convolutional neural networks. IEEE Embedded Syst Lett

  25. Lakshmanan R (2021) New android malware steals financial data from 378 banking and wallet apps

  26. Lekssays A, Falah B, Abufardeh S (2020) A novel approach for android malware detection and classification using convolutional neural networks. In: ICSOFT 2020 - proceedings of the 15th international conference on software technologies, (Icsoft), pp 606–614

  27. Malware (2021) Statistics, 16 March 2021. https://www.av-test.org/en/statistics/malware/

  28. Mercaldo F, Santone A (2020) Deep learning for image-based mobile malware detection. J Comput Virology Hacking Tech:1–15

  29. Muzaffar A, Hassen HR, Lones MA, Zantout H (2022) An in-depth review of machine learning based android malware detection. Comput Secur:102833

  30. Naeem H, Guo B, Ullah F, Naeem MR (2019) A cross-platform malware variant classification based on image representation. KSII Trans Internet Inf Syst, vol 13(7)

  31. Qiu J, Zhang J, Luo W, Pan L, Nepal S, Xiang Y (2020) A survey of android malware detection with deep neural models. ACM Comput Surv, vol 53(6)

  32. Rafiq H, Aslam N, Ahmed U, Lin JC-W (2022) Mitigating malicious adversaries evasion attacks in industrial internet of things. IEEE Trans Industr Inf

  33. Rahali A, Lashkari AH, Kaur G, Taheri L, Gagnon F, Massicotte F (2020) DIDroid: android malware classification and characterization using deep image learning. PervasiveHealth: Pervasive Comput Technol Healthcare:70–82

  34. Rehman Z-U, Khan SN, Muhammad K, Lee JW, Lv Z, Baik SW, Shah PA, Awan K, Mehmood I (2018) Machine learning-assisted signature and heuristic-based detection of malwares in android devices. Comput Electr Eng 69:828–841

    Article  Google Scholar 

  35. Ren Z, Wu H, Ning Q, Hussain I, Chen B (2020) End-to-end malware detection for android iot devices using deep learning. Ad Hoc Netw 101:102098

    Article  Google Scholar 

  36. Selvaganapathy S, Sadasivam S, Ravi V (2021) A review on android malware: attacks countermeasures and challenges ahead. J Cyber Secur Mobility:177–230

  37. Singh J, Thakur D, Ali F, Gera T, Kwak KS (2020) Deep feature extraction and classification of android malware images. Sensors 20(24):7013

    Article  Google Scholar 

  38. Singh J, Thakur D, Gera T, Shah B, Abuhmed T, Ali F (2021) Classification and analysis of android malware images using feature fusion technique. IEEE Access, vol 9

  39. Su X, Zhang D, Li W, Zhao K (2016) A deep learning approach to android malware feature learning and detection. In: 2016 IEEE trustcom/bigdataSE/ISPA. IEEE, pp 244–251

  40. Tan M, Le QV (2019) Efficientnet: rethinking model scaling for convolutional neural networks. CoRR arXiv:1905.11946

  41. Ünver HM, Bakour K (2020) Android malware detection based on image-based features and machine learning techniques. SN Appl Sci 2(7):1–15

    Article  Google Scholar 

  42. Venkatraman S, Alazab M, Vinayakumar R (2019) A hybrid deep learning image-based analysis for effective malware detection. J Inf Secur Appl 47:377–389

    Google Scholar 

  43. Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Venkatraman S (2019) Robust intelligent malware detection using deep learning. IEEE Access 7:46717–46738

    Article  Google Scholar 

  44. Vinayakumar R, Soman KP, Poornachandran P (2017) Deep android malware detection and classification. In: 2017 International conference on advances in computing, communications and informatics (ICACCI). IEEE, pp 1677–1683

  45. Vinayakumar R, Soman KP, Poornachandran P, Sachin Kumar S (2018) Detecting android malware using long short-term memory (lstm). J Intell Fuzzy Syst 34(3):1277–1288

    Article  Google Scholar 

  46. Wolpert DH (1992) Stacked generalization. Neural Netw 5(2):241–259

    Article  Google Scholar 

  47. Yang S (2019) An image-inspired and cnn-based android malware detection approach. In: Proceedings of the 34th IEEE/ACM international conference on automated software engineering, pp 1259–1261

  48. Yang M, Wen Q (2017) Detecting android malware by applying classification techniques on images patterns. In: 2017 IEEE 2nd international conference on cloud computing and big data analysis (ICCCBDA). IEEE, pp 344–347

  49. Yen Y-S, Sun H-M (2019) An android mutation malware detection based on deep learning using visualization of importance from codes. Microelectron Reliab 93:109–114

    Article  Google Scholar 

  50. Yumlembam R, Issac B, Jacob SM, Yang L (2022) Iot-based android malware detection using graph neural network with adversarial defense. IEEE Internet Things J

  51. Zhang W, Luktarhan N, Ding C, Lu B (2021) Android malware detection using tcn with bytecode image. Symmetry, vol 13(7)

  52. Zhang H, Qin J, Zhang B, Yan H, Guo J, Gao F, Wang S, Hu Y (2020) A multiclass detection system for android malicious apps based on color image features. Wirel Commun Mob Comput, vol 2020

  53. Zhao J, Masood R, Seneviratne S (2021) A review of computer vision methods in network security. IEEE Commun Surveys Tutorials

Download references

Funding

Not applicable.

Author information

Authors and Affiliations

  1. Center for Artificial Intelligence, Prince Mohammad Bin Fahd University, Khobar, Saudi Arabia

    Vinayakumar Ravi

  2. Department of Computer Science, University of Texas at San Antonio, San Antonio, Texas, 78249, USA

    Rajasekhar Chaganti

Authors
  1. Vinayakumar Ravi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rajasekhar Chaganti
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vinayakumar Ravi.

Ethics declarations

Conflict of Interests

The authors declare no conflict of interest.

Additional information

Availability of data and material

Data used in this study are available from the first author upon request.

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ravi, V., Chaganti, R. EfficientNet deep learning meta-classifier approach for image-based android malware detection. Multimed Tools Appl 82, 24891–24917 (2023). https://doi.org/10.1007/s11042-022-14236-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-022-14236-6

Keywords

Search

Navigation