Article

Android malware detection based on system call sequences and LSTM

Journal

MULTIMEDIA TOOLS AND APPLICATIONS
Volume 78, Issue 4, Pages 3979-3999

Publisher

SPRINGER
DOI: 10.1007/s11042-017-5104-0

Keywords

Android malware detection; System call sequences; Deep learning; LSTM language model

Funding

  1. NSFC [61375054, 61402255, 61202358]
  2. National High-tech R&D Program of China [2015AA016102]
  3. Guangdong Natural Science Foundation [2015A030310492, 2014A030313745]
  4. RD Program of Shenzhen [JCYJ20150630170146831, JCYJ20160301152145171, JCYJ20160531174259309, JSGG20150512162853495, Shenfagai [2015] 986]
  5. Cross fund of Graduate School at Shenzhen, Tsinghua University [JC20140001]

As Android-based mobile devices become increasingly popular, malware detection on Android has become crucial. In this paper, a novel detection method based on deep learning is proposed to distinguish malware from trusted applications. Considering that system call sequences carry semantic information, much as natural language does, we treat one system call sequence as a sentence in the language and construct a classifier based on the Long Short-Term Memory (LSTM) language model. In the classifier, two LSTM models are first trained, one on the system call sequences from malware and one on those from benign applications. Then, according to these models, two similarity scores are computed. Finally, the classifier determines whether the application under analysis is malicious or trusted according to the greater score. Thorough experiments show that our approach can achieve high efficiency and reach a high recall of 96.6% with a low false positive rate of 9.3%, which is better than the other methods.
