While Android smartphones are widely used in 5G networks, third-party application platforms are facing a rapid increase in the screening of applications for market launch. However, on the one hand, due to the receipt of excessive applications for listing, the review requires a lot of time and computing resources. On the other hand, due to the multi-selectivity of Android application features, it is difficult to determine the best feature combination as a criterion for distinguishing benign and malicious software. To address these challenges, this paper proposes an efficient malware detection framework based on deep neural network called DLAMD that can face large-scale samples. An efficient detection framework is designed, which combines the pre-detection phase of rapid detection and the deep detection phase of deep detection. The Android application package (APK) is analyzed in detail, and the permissions and opcodes feature that can distinguish benign from malicious are quickly extracted from the APK. Besides, to obtain the feature subset that can distinguish the attributes most, the random forest with good effect is selected for importance selection and the convolutional neural network (CNN) which automatically extracted the hidden pattern inside features is selected for feature selection. In the experiment, real data from shared malware collection and third-party application download platforms are used to verify the high efficiency of the proposed method. The results show that the comprehensive classification index F1-score of DLAMD can reach 95.69%.
Bibliographical noteFunding Information:
This work is supported by the National Natural Science Foundation of China (Nos. 62072093 , 62072092 , and U1708262 ); the China Postdoctoral Science Foundation (No. 2019M653568 ); the Fundamental Research Funds for the Central Universities (No. N2023020 ); the Natural Science Foundation of Hebei Province of China (No. F2020501013 , 20310702D ) for co-authors in China and VC Research ( VCR 0000116 ) for Prof. Chang. Dan Li is the co-first author of this paper.
© 2021 Elsevier B.V.
Copyright 2021 Elsevier B.V., All rights reserved.