Computer Science

Computer Science ›› 2023, Vol. 50 ›› Issue (4): 351-358.doi: 10.11896/jsjkx.220300200

• Information Security • Previous Articles     Next Articles

Android Malware Family Classification Method Based on Synthetic Image and Xception Improved Model

YU Xingzhan, LU Tianliang, DU Yanhui, WANG Xirui, YANG Cheng   

  1. Collage of Information and Cyber Security,People’s Public Security University of China,Beijing 100038,China
  • Received:2022-03-21 Revised:2022-06-13 Online:2023-04-15 Published:2023-04-06
  • About author:YU Xingzhan,born in 1995,master.His main research interests include cyber security and malware detection.
    LU Tianliang,born in 1985,Ph.D,associate professor,Ph.D supervisor.His main research interests include cyber security and artificial intelligence.
  • Supported by:
    National Social Science Foundation of China(20AZD114) and Fundamental Research Funds for the Central Universities(2020JKF101).

PDF (PC)

301

Abstract: Aiming at the problems in the field of Android malicious family detection,such as insufficient code visualization method construction information,large classification effect affected by the number of data sets and low classification accuracy,an Android malicious family classification method based on multi feature file synthetic image and Xception improved model is proposed.Fir-stly,three feature files corresponding to RGB multi-channel are selected to synthesize color images.Then,the improved Xception model introduces the focal loss function to alleviate the negative impact caused by the uneven distribution of samples.Finally,the attention mechanism is integrated into the improved model to extract the image features of malicious code from different dimensions,which improves the classification effect of the model.Experimental results show that the malicious code images synthesized by the proposed method contain richer features,have higher accuracy than the mainstream malicious family classification methods,and have better classification effect for unbalanced data sets.

Key words: Malware visualization, Android malware family classification, Attention mechanism, focal loss, Xception

CLC Number: 

  • TP309
[1]TAM K,FEIZOLLAH A,AMUAR N B,et al.The evolution of android malware and android analysis techniques[J].ACM Computing Surveys(CSUR),2017,49(4):1-41.
[2]FAN M,LIU J,LUO X,et al.Android malware familial classification and representative sample selection via frequent subgraph analysis[J].IEEE Transactions on Information Forensics and Security,2018,13(8):1890-1905.
[3]HSIEN-DE HUANG T T,KAO H Y.R2-d2:Color-inspiredconvolutional neural network (cnn)-based android malware detections[C]//2018 IEEE International Conference on Big Data(Big Data).IEEE,2018:2633-2642.
[4]HASEGAWA C,IYATOMI H.One-dimensional convolutional neural networks for Android malware detection[C]//2018 IEEE 14th International Colloquium on Signal Processing & Its Applications(CSPA).IEEE,2018:99-102.
[5]WANG W,ZHAO M,WANG J.Effective android malware detection with a hybrid model based on deep autoencoder and convolutional neural network[J].Journal of Ambient Intelligence and Humanized Computing,2019,10(8):3035-3043.
[6]WANG W,WANG X,FENG D,et al.Exploring permission-induced risk in android applications for malicious application detection[J].IEEE Transactions on Information Forensics and Security,2014,9(11):1869-1882.
[7]ZHU H J,YOU Z H,ZHU Z X,et al.Droiddet:Effective and robust detection of android malware using static analysis along with rotation forest model[J].Neurocomputing,2018,272:638-646.
[8]SUAREZ-TANGIL G,TAPIADOR J E,PERIS-LOPEZ P,et al.Dendroid:A text mining approach to analyzing and classi-fying code structures in android malware families[J].Expert Systems with Applications,2014,41(4):1104-1117.
[9]GORLA A,TAVECCHIA I,GROSS F,et al.Checking app behavior against app descriptions[C]//Proceedings of the 36th international conference on software engineering.2014:1025-1035.
[10]KUMAR A,SAGAR K P,KUPPUSAMY K S,et al.Machine learning based malware classification for Android applications using multimodal image representations[C]//2016 10th international conference on intelligent systems and control(ISCO).IEEE,2016:1-6.
[11]YEN Y S,SUN H M.An Android mutation malware detection based on deep learning using visualization of importance from codes[J].Microelectronics Reliability,2019,93:109-114.
[12]BAKOUR K,ÜNVER H M.DeepVisDroid:android malwaredetection by hybridizing image-based features with deep learning techniques[J].Neural Computing and Applications,2021,33(18):11499-11516.
[13]NATARAJ L,KARTHIKEYAN S,JACOB G,et al.Malware images:visualization and automatic classification[C]//Procee-dings of the 8th International Symposium on Visualization for Cyber Security.2011:1-7.
[14]LU X D,DUAN Z M,QIAN Y K,et al.Malicious code classification method based on deep forest[J].Journal of Software,2020,31(5):1454-1464.
[15]FU J,XUE J,WANG Y,et al.Malware visualization for fine-grained classification[J].IEEE Access,2018,6:14510-14523.
[16]HAN K S,KANG B J,IM E G.Malware analysis usingvisua-lized image matrices[J].The Scientific World Journal,2014,2014:1-15.
[17]KIRKLAND E J.Bilinear interpolation[M]//Advanced Computing in Electron Microscopy.Springer,Boston,MA,2010:261-263.
[18]CHOLLET F.Xception:Deep Learning with Depthwise Separable Convolutions[C]//2017 Conference on Computer Vision and Pattern Recognition(CVPR).2017:1800-1807.
[19]YANG G,SCHOENHOLZ S.Mean field residual networks:On the edge of chaos[J].Advances in Neural Information Proces-sing Systems,2017,30:7103-7114.
[20]WOO S,PARK J,LEE J Y,et al.Cbam:Convolutional block attention module[C]//Proceedings of the European Conference on Computer Vision(ECCV).2018:3-19.
[21]LIN T Y,GOYAL P,GIRSHICK R,et al.Focal loss for dense object detection[C]//Proceedings of the IEEE International Conference on Computer Vision.2017:2980-2988.
[22]KINGMA D P,BA J.Adam:A method for stochastic optimization[J].arXiv:1412.6980,2014.
[23]SENANAYAKE J,KALUTARAGE H,Al-KADRT M O.Android Mobile Malware Detection Using Machine Learning:A Systematic Review[J].Electronics,2021,10(13):1606.
[24]DAVULURU V S P,NARAYANAN B N,BALSTER E J.Convolutional neural networks as classification tools and feature extractors for distinguishing malware programs[C]//Proceedings of the 64th IEEE National Aerospace and Electronics Confe-rence.2019:273-278.
[25]KHAN R U,ZHANG X,KUMAR R.Analysis of ResNet and GoogleNet models for malware detection[J].Journal of Compu-ter Virology and Hacking Techniques,2019,15(1):29-37.
[26]KALASH M,ROCHAN M,MOHAMMED N,et al.Malware classification with deep convolutional neural networks[C]//2018 9th IFIP International Conference on New Technologies,Mobility and Security (NTMS).IEEE,2018:1-5.
[1] HAN Xueming, JIA Caiyan, LI Xuanya, ZHANG Pengfei. Dual-attention Network Model on Propagation Tree Structures for Rumor Detection [J]. Computer Science, 2023, 50(4): 22-31.
[2] YIN Heng, ZHANG Fan, LI Tianrui. Short-time Traffic Flow Forecasting Based on Multi-adjacent Graph and Multi-head Attention Mechanism [J]. Computer Science, 2023, 50(4): 40-46.
[3] LUO Xiaohui, WU Yun, WANG Chenxing, YU Wenting. Sequential Recommendation Model Based on User’s Long and Short Term Preference [J]. Computer Science, 2023, 50(4): 47-55.
[4] WANG Yali, ZHANG Fan, YU Zeng, LI Tianrui. Aspect-level Sentiment Classification Based on Interactive Attention and Graph Convolutional Network [J]. Computer Science, 2023, 50(4): 196-203.
[5] LI Shuai, XU Bin, HAN Yike, LIAO Tongxin. SS-GCN:Aspect-based Sentiment Analysis Model with Affective Enhancement and Syntactic Enhancement [J]. Computer Science, 2023, 50(3): 3-11.
[6] CHEN Fuqiang, KOU Jiamin, SU Limin, LI Ke. Multi-information Optimized Entity Alignment Model Based on Graph Neural Network [J]. Computer Science, 2023, 50(3): 34-41.
[7] ZHOU Mingqiang, DAI Kailang, WU Quanwang, ZHU Qingsheng. Attention-aware Multi-channel Graph Convolutional Rating Prediction Model for Heterogeneous Information Networks [J]. Computer Science, 2023, 50(3): 129-138.
[8] ZOU Yunzhu, DU Shengdong, TENG Fei, LI Tianrui. Visual Question Answering Model Based on Multi-modal Deep Feature Fusion [J]. Computer Science, 2023, 50(2): 123-129.
[9] QU Zhong, WANG Caiyun. Crack Detection of Concrete Pavement Based on Attention Mechanism and Lightweight DilatedConvolution [J]. Computer Science, 2023, 50(2): 231-236.
[10] LIU Luping, ZHOU Xin, CHEN Junjun, He Xiaohai, QING Linbo, WANG Meiling. Event Extraction Method Based on Conversational Machine Reading Comprehension Model [J]. Computer Science, 2023, 50(2): 275-284.
[11] CAI Xiao, CEHN Zhihua, SHENG Bin. SPT:Swin Pyramid Transformer for Object Detection of Remote Sensing [J]. Computer Science, 2023, 50(1): 105-113.
[12] ZHANG Jingyuan, WANG Hongxia, HE Peisong. Multitask Transformer-based Network for Image Splicing Manipulation Detection [J]. Computer Science, 2023, 50(1): 114-122.
[13] LI Xuehui, ZHANG Yongjun, SHI Dianxi, XU Huachi, SHI Yanyan. AFTM:Anchor-free Object Tracking Method with Attention Features [J]. Computer Science, 2023, 50(1): 138-146.
[14] ZHAO Qian, ZHOU Dongming, YANG Hao, WANG Changchen. Image Deblurring Based on Residual Attention and Multi-feature Fusion [J]. Computer Science, 2023, 50(1): 147-155.
[15] ZHENG Cheng, MEI Liang, ZHAO Yiyan, ZHANG Suhang. Text Classification Method Based on Bidirectional Attention and Gated Graph Convolutional Networks [J]. Computer Science, 2023, 50(1): 221-228.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.