Deep-Learning-based Malicious Android Application Detection

  • Conference paper
Machine Vision and Augmented Intelligence—Theory and Applications

Part of the book series: Lecture Notes in Electrical Engineering (LNEE, volume 796)

Abstract

Mobile applications are now the most popular medium for delivering software services to the masses, and their security has become a critical issue. Android is the most used operating system. We reviewed research on attacks and maliciousness detection and found that permissions alone cannot reveal the malicious intent of mobile applications. Here, we propose an LSTM network-based classification approach that uses opcode sequences to investigate the maliciousness of mobile applications. We achieved an accuracy of 0.99 and an F1-score of 0.72, which shows the effectiveness of opcode sequences for detecting the maliciousness of Android applications.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

Cite this paper

Malviya, V.K., Gupta, A. (2021). Deep-Learning-based Malicious Android Application Detection. In: Bajpai, M.K., Kumar Singh, K., Giakos, G. (eds) Machine Vision and Augmented Intelligence—Theory and Applications. Lecture Notes in Electrical Engineering, vol 796. Springer, Singapore. https://doi.org/10.1007/978-981-16-5078-9_24

  • DOI: https://doi.org/10.1007/978-981-16-5078-9_24

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-5077-2

  • Online ISBN: 978-981-16-5078-9

  • eBook Packages: Computer Science, Computer Science (R0)
