A multimodal deep learning method for android malware detection using various features

Taeguen Kim, Boojoong Kang, Mina Rho, Sakir Sezer, Eul Gyu Im

Research output: Contribution to journalArticleResearchpeer-review

4 Citations (Scopus)

Abstract

With the widespread use of smartphones, the number of malware has been increasing exponentially. Among smart devices, android devices are the most targeted devices by malware because of their high popularity. This paper proposes a novel framework for android malware detection. Our framework uses various kinds of features to reflect the properties of android applications from various aspects, and the features are refined using our existence-based or similarity-based feature extraction method for effective feature representation on malware detection. Besides, a multimodal deep learning method is proposed to be used as a malware detection model. This paper is the first study of the multimodal deep learning to be used in the android malware detection. With our detection model, it was possible to maximize the benefits of encompassing multiple feature types. To evaluate the performance, we carried out various experiments with a total of 41 260 samples. We compared the accuracy of our model with that of other deep neural network models. Furthermore, we evaluated our framework in various aspects including the efficiency in model updates, the usefulness of diverse features, and our feature representation method. In addition, we compared the performance of our framework with those of other existing methods including deep learning-based methods.

Original languageEnglish
Article number8443370
Pages (from-to)773-788
Number of pages16
JournalIEEE Transactions on Information Forensics and Security
Volume14
Issue number3
DOIs
StatePublished - 2019 Mar 1

Fingerprint

Smartphones
Deep learning
Malware
Feature extraction
Experiments
Deep neural networks

Keywords

  • Android malware
  • intrusion detection
  • machine learning
  • malware detection
  • neural network

Cite this

@article{06f15ac25872462485fdd69218251a51,
title = "A multimodal deep learning method for android malware detection using various features",
abstract = "With the widespread use of smartphones, the number of malware has been increasing exponentially. Among smart devices, android devices are the most targeted devices by malware because of their high popularity. This paper proposes a novel framework for android malware detection. Our framework uses various kinds of features to reflect the properties of android applications from various aspects, and the features are refined using our existence-based or similarity-based feature extraction method for effective feature representation on malware detection. Besides, a multimodal deep learning method is proposed to be used as a malware detection model. This paper is the first study of the multimodal deep learning to be used in the android malware detection. With our detection model, it was possible to maximize the benefits of encompassing multiple feature types. To evaluate the performance, we carried out various experiments with a total of 41 260 samples. We compared the accuracy of our model with that of other deep neural network models. Furthermore, we evaluated our framework in various aspects including the efficiency in model updates, the usefulness of diverse features, and our feature representation method. In addition, we compared the performance of our framework with those of other existing methods including deep learning-based methods.",
keywords = "Android malware, intrusion detection, machine learning, malware detection, neural network",
author = "Taeguen Kim and Boojoong Kang and Mina Rho and Sakir Sezer and Im, {Eul Gyu}",
year = "2019",
month = "3",
day = "1",
doi = "10.1109/TIFS.2018.2866319",
language = "English",
volume = "14",
pages = "773--788",
journal = "IEEE Transactions on Information Forensics and Security",
issn = "1556-6013",
number = "3",

}

A multimodal deep learning method for android malware detection using various features. / Kim, Taeguen; Kang, Boojoong; Rho, Mina; Sezer, Sakir; Im, Eul Gyu.

In: IEEE Transactions on Information Forensics and Security, Vol. 14, No. 3, 8443370, 01.03.2019, p. 773-788.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - A multimodal deep learning method for android malware detection using various features

AU - Kim, Taeguen

AU - Kang, Boojoong

AU - Rho, Mina

AU - Sezer, Sakir

AU - Im, Eul Gyu

PY - 2019/3/1

Y1 - 2019/3/1

N2 - With the widespread use of smartphones, the number of malware has been increasing exponentially. Among smart devices, android devices are the most targeted devices by malware because of their high popularity. This paper proposes a novel framework for android malware detection. Our framework uses various kinds of features to reflect the properties of android applications from various aspects, and the features are refined using our existence-based or similarity-based feature extraction method for effective feature representation on malware detection. Besides, a multimodal deep learning method is proposed to be used as a malware detection model. This paper is the first study of the multimodal deep learning to be used in the android malware detection. With our detection model, it was possible to maximize the benefits of encompassing multiple feature types. To evaluate the performance, we carried out various experiments with a total of 41 260 samples. We compared the accuracy of our model with that of other deep neural network models. Furthermore, we evaluated our framework in various aspects including the efficiency in model updates, the usefulness of diverse features, and our feature representation method. In addition, we compared the performance of our framework with those of other existing methods including deep learning-based methods.

AB - With the widespread use of smartphones, the number of malware has been increasing exponentially. Among smart devices, android devices are the most targeted devices by malware because of their high popularity. This paper proposes a novel framework for android malware detection. Our framework uses various kinds of features to reflect the properties of android applications from various aspects, and the features are refined using our existence-based or similarity-based feature extraction method for effective feature representation on malware detection. Besides, a multimodal deep learning method is proposed to be used as a malware detection model. This paper is the first study of the multimodal deep learning to be used in the android malware detection. With our detection model, it was possible to maximize the benefits of encompassing multiple feature types. To evaluate the performance, we carried out various experiments with a total of 41 260 samples. We compared the accuracy of our model with that of other deep neural network models. Furthermore, we evaluated our framework in various aspects including the efficiency in model updates, the usefulness of diverse features, and our feature representation method. In addition, we compared the performance of our framework with those of other existing methods including deep learning-based methods.

KW - Android malware

KW - intrusion detection

KW - machine learning

KW - malware detection

KW - neural network

UR - http://www.scopus.com/inward/record.url?scp=85052690288&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2018.2866319

DO - 10.1109/TIFS.2018.2866319

M3 - Article

VL - 14

SP - 773

EP - 788

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

SN - 1556-6013

IS - 3

M1 - 8443370

ER -