Abstract
A survey of literature shows that transforming the application files into images and employing deep learning-based models for image classification has been considered as one of the significant directions for malware detection and classification. Mainly, convolutional neural networks (CNN)-based models are successfully employed for Android malware detection and classification. This is mainly due to the reason that this type of malware detection and classification approach is platform independent and has the capability to detect metamorphic and polymorphic malware. The Image-based Android malware detection is resilient to both unpacked and packed malware. Following, this work employs various 26 CNN-based pretrained models and the detailed investigation and analysis of experiments are shown on the Image-based Android malware dataset. Each of these models have the capability to extract its own optimal features and these features are distinct to each other. The penultimate layer features of best performed CNN-based pretrained models are extracted and dimensionality of the features were reduced using kernel principal component analysis (KPCA). The reduced features were fused together and passed into a meta-classifier or stacked classifier for classification. This classifier has two levels; in the first level support vector machine (SVM) and random forest (RForest) machine learning classifier were included for prediction and logistic regression in the second level for classification. The four combinations of fused models are DenseNet, ResNet, InceptionResNet, and EfficientNet. EfficientNet-based fused models showed better performances compared to other fused models and non-fused CNN-based pretrained models. Moreover, the EfficientNet-based fused models outperformed the existing approaches for Android malware detection. All the model performances were shown on two different testing datasets and the proposed model has shown the similar performances on both the testing datasets with attaining better performances during training and testing. This indicates that the proposed model is more generalizable, robust, and it can be used as tool that can be deployed in any application play store.
Similar content being viewed by others
Data Availability Statement
Data will be made available on reasonable request
Code Availability
Programming codes implemented in this study are available from the first author upon request.
References
Android Malware (2021) Volume statistics, 16 March 2021. https://www.statista.com/statistics/680705/global-android-malware-volume/
Arslan RS, Amd-cnn MT (2022) Android malware detection via feature graph and convolutional neural networks. Concurrency Computat Pract Experience, p e7180
Awotunde JB, Ajagbe SA, Oladipupo MA, Awokola JA, Afolabi OS, Mathew TO, Oguns YJ (2021) An improved machine learnings diagnosis technique for covid-19 pandemic using chest x-ray images. In: International conference on applied informatics. Springer, pp 319–330
Bakour K, Ünver HM (2020) Visdroid: android malware classification based on local and global image features, bag of visual words and machine learning techniques. Neural Comput Appl:1–21
Bakour K, Ünver HM (2021) Deepvisdroid: android malware detection by hybridizing image-based features with deep learning techniques. Neural Comput Appl 33(18):11499–11516
Chen H, Du R, Liu Z, Xu H (2018) Android malware classification using xgboost based on images patterns. In: 2018 IEEE 4th information technology and mechatronics engineering conference (ITOEC). IEEE, pp 1358–1362
Dai Y, Li H, Qian Y, Lu X (2018) A malware classification method based on memory dump grayscale image. Digit Investig 27:30–37
Darus FM, Ahmad NA, Mohd Ariffin AF (2019) Android malware classification using xgboost on data image pattern. In: 2019 IEEE international conference on internet of things and intelligence system (iotaIS). IEEE, pp 118–122
Darus FM, Salleh NAA, Mohd Ariffin AF (2018) Android malware detection using machine learning on image patterns. In: 2018 Cyber resilience conference (CRC). IEEE, pp 1–2
De Oliveira AS, Sassi RJ (2020) Chimera: an android malware detection method based on multimodal deep learning and hybrid analysis
Ding Y, Wu R, Xue F (2018) Detecting android malware using bytecode image. In: International conference on cognitive computing. Springer, pp 164–169
Ding Y, Zhang X, Hu J, Xu W (2020) Android malware detection method based on bytecode image. J Ambient Intell Humanized Comput:1–10
Galov N (2021) 21+ Exciting android statistics to keep your eyes on in 2021
Gu S, Cheng S, Zhang W (2020) From image to code: executable adversarial examples of android applications. In: Proceedings of the 2020 6th international conference on computing and artificial intelligence, pp 261–268
Guerra-Manzanares A, Bahsi H (2022) On the relativity of time: implications and challenges of data drift on long-term effective android malware detection. Comput Secur, p 102835
Guerra-Manzanares A, Valbe M (2022) Cross-device behavioral consistency: benchmarking and implications for effective android malware detection. Mach Learn Appl, p 100357
He P, Gan G (2020) Android malicious app detection based on cnn deep learning algorithm. In: IOP conference series: earth and environmental science. IOP publishing, vol 428, pp 012061
Huang W, Hou E, Zheng L, Feng W (2018) Mixdroid: a multi-features and multi-classifiers bagging system for android malware detection. In: AIP conference proceedings. AIP publishing LLC, vol 1967, pp 020015
Huang TH-D, Kao H-Y (2018) R2-d2: color-inspired convolutional neural network (cnn)-based android malware detections. In: 2018 IEEE international conference on big data (big data). IEEE, pp 2633–2642
Jerbi M, Dagdia ZC, Bechikh S, Said LB (2022) Android malware detection as a bi-level problem. Comput Secur 121:102825
Jung J, Choi J, Cho S-J, Han S, Park M, Hwang Y (2018) Android malware detection using convolutional neural networks and data section images. In: Proceedings of the 2018 conference on research in adaptive and convergent systems, pp 149–153
Kumar A, Pramod Sagar K, Kuppusamy KS, Aghila G (2016) Machine learning based malware classification for android applications using multimodal image representations. In: 2016 10th International conference on intelligent systems and control (ISCO). IEEE, pp 1–6
Kumar TA, Rajmohan R, Pavithra M, Ajagbe SA, Hodhod R, Gaber T (2022) Automatic face mask detection system in public transportation in smart cities using iot and deep learning. Electronics 11(6):904
Lachtar N, Ibdah D, Bacha A (2020) Towards mobile malware detection through convolutional neural networks. IEEE Embedded Syst Lett
Lakshmanan R (2021) New android malware steals financial data from 378 banking and wallet apps
Lekssays A, Falah B, Abufardeh S (2020) A novel approach for android malware detection and classification using convolutional neural networks. In: ICSOFT 2020 - proceedings of the 15th international conference on software technologies, (Icsoft), pp 606–614
Malware (2021) Statistics, 16 March 2021. https://www.av-test.org/en/statistics/malware/
Mercaldo F, Santone A (2020) Deep learning for image-based mobile malware detection. J Comput Virology Hacking Tech:1–15
Muzaffar A, Hassen HR, Lones MA, Zantout H (2022) An in-depth review of machine learning based android malware detection. Comput Secur:102833
Naeem H, Guo B, Ullah F, Naeem MR (2019) A cross-platform malware variant classification based on image representation. KSII Trans Internet Inf Syst, vol 13(7)
Qiu J, Zhang J, Luo W, Pan L, Nepal S, Xiang Y (2020) A survey of android malware detection with deep neural models. ACM Comput Surv, vol 53(6)
Rafiq H, Aslam N, Ahmed U, Lin JC-W (2022) Mitigating malicious adversaries evasion attacks in industrial internet of things. IEEE Trans Industr Inf
Rahali A, Lashkari AH, Kaur G, Taheri L, Gagnon F, Massicotte F (2020) DIDroid: android malware classification and characterization using deep image learning. PervasiveHealth: Pervasive Comput Technol Healthcare:70–82
Rehman Z-U, Khan SN, Muhammad K, Lee JW, Lv Z, Baik SW, Shah PA, Awan K, Mehmood I (2018) Machine learning-assisted signature and heuristic-based detection of malwares in android devices. Comput Electr Eng 69:828–841
Ren Z, Wu H, Ning Q, Hussain I, Chen B (2020) End-to-end malware detection for android iot devices using deep learning. Ad Hoc Netw 101:102098
Selvaganapathy S, Sadasivam S, Ravi V (2021) A review on android malware: attacks countermeasures and challenges ahead. J Cyber Secur Mobility:177–230
Singh J, Thakur D, Ali F, Gera T, Kwak KS (2020) Deep feature extraction and classification of android malware images. Sensors 20(24):7013
Singh J, Thakur D, Gera T, Shah B, Abuhmed T, Ali F (2021) Classification and analysis of android malware images using feature fusion technique. IEEE Access, vol 9
Su X, Zhang D, Li W, Zhao K (2016) A deep learning approach to android malware feature learning and detection. In: 2016 IEEE trustcom/bigdataSE/ISPA. IEEE, pp 244–251
Tan M, Le QV (2019) Efficientnet: rethinking model scaling for convolutional neural networks. CoRR arXiv:1905.11946
Ünver HM, Bakour K (2020) Android malware detection based on image-based features and machine learning techniques. SN Appl Sci 2(7):1–15
Venkatraman S, Alazab M, Vinayakumar R (2019) A hybrid deep learning image-based analysis for effective malware detection. J Inf Secur Appl 47:377–389
Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Venkatraman S (2019) Robust intelligent malware detection using deep learning. IEEE Access 7:46717–46738
Vinayakumar R, Soman KP, Poornachandran P (2017) Deep android malware detection and classification. In: 2017 International conference on advances in computing, communications and informatics (ICACCI). IEEE, pp 1677–1683
Vinayakumar R, Soman KP, Poornachandran P, Sachin Kumar S (2018) Detecting android malware using long short-term memory (lstm). J Intell Fuzzy Syst 34(3):1277–1288
Wolpert DH (1992) Stacked generalization. Neural Netw 5(2):241–259
Yang S (2019) An image-inspired and cnn-based android malware detection approach. In: Proceedings of the 34th IEEE/ACM international conference on automated software engineering, pp 1259–1261
Yang M, Wen Q (2017) Detecting android malware by applying classification techniques on images patterns. In: 2017 IEEE 2nd international conference on cloud computing and big data analysis (ICCCBDA). IEEE, pp 344–347
Yen Y-S, Sun H-M (2019) An android mutation malware detection based on deep learning using visualization of importance from codes. Microelectron Reliab 93:109–114
Yumlembam R, Issac B, Jacob SM, Yang L (2022) Iot-based android malware detection using graph neural network with adversarial defense. IEEE Internet Things J
Zhang W, Luktarhan N, Ding C, Lu B (2021) Android malware detection using tcn with bytecode image. Symmetry, vol 13(7)
Zhang H, Qin J, Zhang B, Yan H, Guo J, Gao F, Wang S, Hu Y (2020) A multiclass detection system for android malicious apps based on color image features. Wirel Commun Mob Comput, vol 2020
Zhao J, Masood R, Seneviratne S (2021) A review of computer vision methods in network security. IEEE Commun Surveys Tutorials
Funding
Not applicable.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of Interests
The authors declare no conflict of interest.
Additional information
Availability of data and material
Data used in this study are available from the first author upon request.
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Ravi, V., Chaganti, R. EfficientNet deep learning meta-classifier approach for image-based android malware detection. Multimed Tools Appl 82, 24891–24917 (2023). https://doi.org/10.1007/s11042-022-14236-6
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-022-14236-6