Dynamic android malware category classification using semi-supervised deep learning

Mahdavifar, Samaneh and Kadir, Andi Fitriah Abdul and Fatemi, Rasool and Alhadidi, Dima and Ghorbani, Ali A (2020) Dynamic android malware category classification using semi-supervised deep learning. In: 2020 IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2020, 17th-22nd August 2020, Calgary, AB, Canada.

	PDF (Certificate) - Supplemental Material Restricted to Registered users only Download (334kB) \| Request a copy
	PDF - Published Version Restricted to Registered users only Download (921kB) \| Request a copy
	PDF (SCOPUS) - Supplemental Material Restricted to Registered users only Download (325kB) \| Request a copy

Official URL: https://ieeexplore.ieee.org/document/9251198

Abstract

Due to the significant threat of Android mobile malware, its detection has become increasingly important. Despite the academic and industrial attempts, devising a robust and efficient solution for Android malware detection and category classification is still an open problem. Supervised machine learning has been used to solve this issue. However, it is far to be perfect because it requires a significant amount of malicious and benign code to be identified and labeled beforehand. Since labeled data is expensive and difficult to get while unlabeled data is abundant and cheap in this context, we resort to a semi-supervised learning technique for deep neural networks, namely pseudo-label, which we train using a set of labeled and unlabeled instances. We use dynamic analysis to craft dynamic behavior profiles as feature vectors. Furthermore, we develop a new dataset, namely CICMalDroid2020, which includes 17,341 most recent samples of five different Android apps categories: Adware, Banking, SMS, Riskware, and Benign. Our offered dataset comprises the most complete captured static and dynamic features among publicly available datasets. We evaluate our proposed model on CICMalDroid2020 and conduct a comparison with Label Propagation (LP), a well-known semi-supervised machine learning technique, and other common machine learning algorithms. The experimental results show that the model can classify Android apps with respect to malware category with F 1 -Score of 97.84 percent and a false positive rate of 2.76 percent, considerably higher than LP. These results demonstrate the robustness of our model despite the small number of labeled instances.

Item Type:	Conference or Workshop Item (Invited Papers)
Additional Information:	Virtual Conference
Uncontrolled Keywords:	Malware, Category Classification, Android, Dynamic Analysis, Semi-Supervised Learning, Deep Learning, Dynamic Behavior Profiles
Subjects:	T Technology > T Technology (General)
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button):	Kulliyyah of Information and Communication Technology Kulliyyah of Information and Communication Technology
Depositing User:	Dr Andi Fitriah Abdul Kadir
Date Deposited:	17 Dec 2020 15:48
Last Modified:	17 Jan 2021 13:28
URI:	http://irep.iium.edu.my/id/eprint/85914

Actions (login required)

View Item

Download Statistics

Downloads

Downloads per month over past year