Android Malware Detection Based on Structural Features of the Function Call Graph
The openness of Android operating system not only brings convenience to users, but also leads to the attack threat from a large number of malicious applications (apps). Thus malware detection has become the research focus in the field of mobile security. In order to solve the problem of more coarse-...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2021-01-01
|
| Series: | Electronics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2079-9292/10/2/186 |
| id |
doaj-ae816188f5ff49bba106ebc9d2ea44ca |
|---|---|
| record_format |
Article |
| spelling |
doaj-ae816188f5ff49bba106ebc9d2ea44ca2021-01-16T00:02:45ZengMDPI AGElectronics2079-92922021-01-011018618610.3390/electronics10020186Android Malware Detection Based on Structural Features of the Function Call GraphYang Yang0Xuehui Du1Zhi Yang2Xing Liu3Zhengzhou Information Science and Technology Institute, Information Engineering University, Zhengzhou 450001, ChinaZhengzhou Information Science and Technology Institute, Information Engineering University, Zhengzhou 450001, ChinaZhengzhou Information Science and Technology Institute, Information Engineering University, Zhengzhou 450001, ChinaInformation Security Research Center, China Electronics Standardization Institute, Beijing 100007, ChinaThe openness of Android operating system not only brings convenience to users, but also leads to the attack threat from a large number of malicious applications (apps). Thus malware detection has become the research focus in the field of mobile security. In order to solve the problem of more coarse-grained feature selection and larger feature loss of graph structure existing in the current detection methods, we put forward a method named DGCNDroid for Android malware detection, which is based on the deep graph convolutional network. Our method starts by generating a function call graph for the decompiled Android application. Then the function call subgraph containing the sensitive application programming interface (API) is extracted. Finally, the function call subgraphs with structural features are trained as the input of the deep graph convolutional network. Thus the detection and classification of malicious apps can be realized. Through experimentation on a dataset containing 11,120 Android apps, the method proposed in this paper can achieve detection accuracy of 98.2%, which is higher than other existing detection methods.https://www.mdpi.com/2079-9292/10/2/186Androidmalware detectionfunction call graphgraph convolutional network |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Yang Yang Xuehui Du Zhi Yang Xing Liu |
| spellingShingle |
Yang Yang Xuehui Du Zhi Yang Xing Liu Android Malware Detection Based on Structural Features of the Function Call Graph Electronics Android malware detection function call graph graph convolutional network |
| author_facet |
Yang Yang Xuehui Du Zhi Yang Xing Liu |
| author_sort |
Yang Yang |
| title |
Android Malware Detection Based on Structural Features of the Function Call Graph |
| title_short |
Android Malware Detection Based on Structural Features of the Function Call Graph |
| title_full |
Android Malware Detection Based on Structural Features of the Function Call Graph |
| title_fullStr |
Android Malware Detection Based on Structural Features of the Function Call Graph |
| title_full_unstemmed |
Android Malware Detection Based on Structural Features of the Function Call Graph |
| title_sort |
android malware detection based on structural features of the function call graph |
| publisher |
MDPI AG |
| series |
Electronics |
| issn |
2079-9292 |
| publishDate |
2021-01-01 |
| description |
The openness of Android operating system not only brings convenience to users, but also leads to the attack threat from a large number of malicious applications (apps). Thus malware detection has become the research focus in the field of mobile security. In order to solve the problem of more coarse-grained feature selection and larger feature loss of graph structure existing in the current detection methods, we put forward a method named DGCNDroid for Android malware detection, which is based on the deep graph convolutional network. Our method starts by generating a function call graph for the decompiled Android application. Then the function call subgraph containing the sensitive application programming interface (API) is extracted. Finally, the function call subgraphs with structural features are trained as the input of the deep graph convolutional network. Thus the detection and classification of malicious apps can be realized. Through experimentation on a dataset containing 11,120 Android apps, the method proposed in this paper can achieve detection accuracy of 98.2%, which is higher than other existing detection methods. |
| topic |
Android malware detection function call graph graph convolutional network |
| url |
https://www.mdpi.com/2079-9292/10/2/186 |
| work_keys_str_mv |
AT yangyang androidmalwaredetectionbasedonstructuralfeaturesofthefunctioncallgraph AT xuehuidu androidmalwaredetectionbasedonstructuralfeaturesofthefunctioncallgraph AT zhiyang androidmalwaredetectionbasedonstructuralfeaturesofthefunctioncallgraph AT xingliu androidmalwaredetectionbasedonstructuralfeaturesofthefunctioncallgraph |
| _version_ |
1724336279029547008 |