Dynamic android malware category classification using semi-supervised deep learning
Due to the significant threat of Android mobile malware, its detection has become increasingly important. Despite the academic and industrial attempts, devising a robust and efficient solution for Android malware detection and category classification is still an open problem. Supervised machine lear...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English English English |
| Published: |
IEEE
2020
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/85914/3/DASC_best_student%20paper.pdf http://irep.iium.edu.my/85914/9/85914%20Dynamic%20Android%20Malware%20Category%20Classification.pdf http://irep.iium.edu.my/85914/15/85914_Dynamic%20Android%20Malware%20Category%20Classification%20using%20Semi-Supervised%20SCOPUS.pdf http://irep.iium.edu.my/85914/ https://ieeexplore.ieee.org/document/9251198 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.iium.irep.85914 |
|---|---|
| record_format |
dspace |
| spelling |
my.iium.irep.859142021-01-17T05:28:17Z http://irep.iium.edu.my/85914/ Dynamic android malware category classification using semi-supervised deep learning Mahdavifar, Samaneh Kadir, Andi Fitriah Abdul Fatemi, Rasool Alhadidi, Dima Ghorbani, Ali A T Technology (General) Due to the significant threat of Android mobile malware, its detection has become increasingly important. Despite the academic and industrial attempts, devising a robust and efficient solution for Android malware detection and category classification is still an open problem. Supervised machine learning has been used to solve this issue. However, it is far to be perfect because it requires a significant amount of malicious and benign code to be identified and labeled beforehand. Since labeled data is expensive and difficult to get while unlabeled data is abundant and cheap in this context, we resort to a semi-supervised learning technique for deep neural networks, namely pseudo-label, which we train using a set of labeled and unlabeled instances. We use dynamic analysis to craft dynamic behavior profiles as feature vectors. Furthermore, we develop a new dataset, namely CICMalDroid2020, which includes 17,341 most recent samples of five different Android apps categories: Adware, Banking, SMS, Riskware, and Benign. Our offered dataset comprises the most complete captured static and dynamic features among publicly available datasets. We evaluate our proposed model on CICMalDroid2020 and conduct a comparison with Label Propagation (LP), a well-known semi-supervised machine learning technique, and other common machine learning algorithms. The experimental results show that the model can classify Android apps with respect to malware category with F 1 -Score of 97.84 percent and a false positive rate of 2.76 percent, considerably higher than LP. These results demonstrate the robustness of our model despite the small number of labeled instances. IEEE 2020-11-11 Conference or Workshop Item PeerReviewed application/pdf en http://irep.iium.edu.my/85914/3/DASC_best_student%20paper.pdf application/pdf en http://irep.iium.edu.my/85914/9/85914%20Dynamic%20Android%20Malware%20Category%20Classification.pdf application/pdf en http://irep.iium.edu.my/85914/15/85914_Dynamic%20Android%20Malware%20Category%20Classification%20using%20Semi-Supervised%20SCOPUS.pdf Mahdavifar, Samaneh and Kadir, Andi Fitriah Abdul and Fatemi, Rasool and Alhadidi, Dima and Ghorbani, Ali A (2020) Dynamic android malware category classification using semi-supervised deep learning. In: 2020 IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2020, 17th-22nd August 2020, Calgary, AB, Canada. https://ieeexplore.ieee.org/document/9251198 10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00094 |
| institution |
Universiti Islam Antarabangsa Malaysia |
| building |
IIUM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
International Islamic University Malaysia |
| content_source |
IIUM Repository (IREP) |
| url_provider |
http://irep.iium.edu.my/ |
| language |
English English English |
| topic |
T Technology (General) |
| spellingShingle |
T Technology (General) Mahdavifar, Samaneh Kadir, Andi Fitriah Abdul Fatemi, Rasool Alhadidi, Dima Ghorbani, Ali A Dynamic android malware category classification using semi-supervised deep learning |
| description |
Due to the significant threat of Android mobile malware, its detection has become increasingly important. Despite the academic and industrial attempts, devising a robust and efficient solution for Android malware detection and category classification is still an open problem. Supervised machine learning has been used to solve this issue. However, it is far to be perfect because it requires a significant amount of malicious and benign code to be identified and labeled beforehand. Since labeled data is expensive and difficult to get while unlabeled data is abundant and cheap in this context, we resort to a semi-supervised learning technique for deep neural networks, namely pseudo-label, which we train using a set of labeled and unlabeled instances. We use dynamic analysis to craft dynamic behavior profiles as feature vectors. Furthermore, we develop a new dataset, namely CICMalDroid2020, which includes 17,341 most recent samples of five different Android apps categories: Adware, Banking, SMS, Riskware, and Benign. Our offered dataset comprises the most complete captured static and dynamic features among publicly available datasets. We evaluate our proposed model on CICMalDroid2020 and conduct a comparison with Label Propagation (LP), a well-known semi-supervised machine learning technique, and other common machine learning algorithms. The experimental results show that the model can classify Android apps with respect to malware category with F 1 -Score of 97.84 percent and a false positive rate of 2.76 percent, considerably higher than LP. These results demonstrate the robustness of our model despite the small number of labeled instances. |
| format |
Conference or Workshop Item |
| author |
Mahdavifar, Samaneh Kadir, Andi Fitriah Abdul Fatemi, Rasool Alhadidi, Dima Ghorbani, Ali A |
| author_facet |
Mahdavifar, Samaneh Kadir, Andi Fitriah Abdul Fatemi, Rasool Alhadidi, Dima Ghorbani, Ali A |
| author_sort |
Mahdavifar, Samaneh |
| title |
Dynamic android malware category classification using semi-supervised deep learning |
| title_short |
Dynamic android malware category classification using semi-supervised deep learning |
| title_full |
Dynamic android malware category classification using semi-supervised deep learning |
| title_fullStr |
Dynamic android malware category classification using semi-supervised deep learning |
| title_full_unstemmed |
Dynamic android malware category classification using semi-supervised deep learning |
| title_sort |
dynamic android malware category classification using semi-supervised deep learning |
| publisher |
IEEE |
| publishDate |
2020 |
| url |
http://irep.iium.edu.my/85914/3/DASC_best_student%20paper.pdf http://irep.iium.edu.my/85914/9/85914%20Dynamic%20Android%20Malware%20Category%20Classification.pdf http://irep.iium.edu.my/85914/15/85914_Dynamic%20Android%20Malware%20Category%20Classification%20using%20Semi-Supervised%20SCOPUS.pdf http://irep.iium.edu.my/85914/ https://ieeexplore.ieee.org/document/9251198 |
| _version_ |
1690370748020948992 |
| score |
13.211869 |