School of Computer Science, Umm Al-Qura University, Mecca, Saudi Arabia.
School of Computer Science, University College Dublin, Belfield, Dublin, Ireland.
Comput Intell Neurosci. 2022 May 20;2022:8634784. doi: 10.1155/2022/8634784. eCollection 2022.
Android malware has long been a significant threat to the security of Android applications, so it is critical to identify, mitigate, and defend against Android malware attacks. Identifying dangerous applications and grouping them into categories of similar samples is especially important in the development of a safe Android app ecosystem. The categorization of malware families may be used to improve the efficiency of the malware detection process as well as to systematically identify malicious trends. In this study, we propose a modified ResNeXt model that embeds a new regularization technique to improve the classification task. In addition, we present a comprehensive evaluation of Android malware classification and detection using our modified ResNeXt. The nonintuitive malware features are converted into fingerprint images in order to extract the rich information from the input data. We also apply fine-tuned deep learning (DL) based on the convolutional neural network (CNN) to the visualized malware samples to automatically obtain the discriminatory features that separate normal from malicious data. Using DL techniques not only avoids the cost of domain experts but also eliminates the frequent need for feature engineering methods. Furthermore, we evaluated the effectiveness of the modified ResNeXt model in the classification process by testing a total of fifteen different combinations of the Android malware image sections on the Drebin dataset. In this study, we use only grayscale malware images with the modified ResNeXt to analyze the malware samples. The experimental results show that the modified ResNeXt achieved an accuracy of 98.25% using Android certificates only. Furthermore, we undertook extensive trials on the dataset in order to confirm the efficacy of our methodology, and we compared our approach with several existing methods. Finally, this article presents an evaluation of different models and a much more precise option for malware identification.
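The fingerprint-image step described above can be sketched as follows. This is an added example, not code from the paper: the four section names, the byte contents, the image width of 8, and the reading of "fifteen combinations" as the non-empty subsets of four sections are all assumptions made for illustration.

```python
from itertools import combinations
import math

# Constructed stand-ins for four byte regions of an APK. The section names are
# assumptions for illustration; the abstract names only the certificate.
SECTIONS = {
    "certificate": bytes(range(0, 40)),
    "manifest": b"<manifest package='com.example.app'/>",
    "dex": b"dex\n035\x00" + bytes(24),
    "resources": bytes([255, 128, 0, 64] * 8),
}

def section_combinations(names):
    """All non-empty subsets of the sections, in a stable order."""
    names = list(names)
    return [c for r in range(1, len(names) + 1) for c in combinations(names, r)]

def to_grayscale(data, width=8):
    """Map each byte to one pixel (0-255) and fold into rows of `width`,
    zero-padding the last row so the image is rectangular."""
    if width <= 0:
        raise ValueError("width must be positive")
    if not data:
        return []
    rows = math.ceil(len(data) / width)
    padded = data + bytes(rows * width - len(data))
    return [list(padded[i * width:(i + 1) * width]) for i in range(rows)]

def fingerprint(combo, sections=SECTIONS, width=8):
    """Concatenate the chosen sections in order and render them as one image."""
    return to_grayscale(b"".join(sections[name] for name in combo), width)

def write_pgm(image, path):
    """Save the pixel rows as a binary PGM (P5) grayscale file."""
    height, width = len(image), len(image[0])
    with open(path, "wb") as fh:
        fh.write(b"P5\n%d %d\n255\n" % (width, height))
        fh.write(bytes(p for row in image for p in row))

if __name__ == "__main__":
    combos = section_combinations(SECTIONS)
    print(len(combos), "section combinations")
    for combo in combos:
        img = fingerprint(combo)
        print("+".join(combo), f"{len(img[0])}x{len(img)}")
```

Each resulting image would be the input to the CNN classifier; a real pipeline would read the sections from the APK archive and resize the images to the network's input size.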