Feature Importance and Deep Learning for Android Malware Detection

A. Talbi; A. Talbi; A. Viens; L.-C. Leroux; M. François; M. Caillol; N. Nguyen; N. Nguyen

doi:10.5220/0010875500003120

Feature Importance and Deep Learning for Android Malware Detection

A. Talbi, A. Talbi, A. Viens, L.-C. Leroux, M. François, M. Caillol, N. Nguyen, N. Nguyen

2022

Abstract

Effective and efficient malware detection is key in today’s world to prevent systems from being compromised, to protect personal user data, and to tackle other security issues. In this paper, we worked on Android malware detection by using static analysis features and deep learning methods to separate benign applications from malicious ones. Custom feature vectors are extracted from the Drebin and the AndroZoo dataset and different data science methods of feature importance are used to improve the results of Deep Neural Network classification. Experimental results on the Drebin dataset were significant with 99.31% accuracy in malware detection. We extended our work on more recent applications with a complete pipeline for the AndroZoo dataset, with about 40,000 APKs used from 2014 to 2021 pre-tagged as reported malicious or not. The pipeline includes static features extracted from the manifest file and bytecode such as suspicious behaviors, restricted and suspicious API calls, etc. The accuracy result for AndroZoo is 97.7%, confirming the power of deep learning on Android malware detection.

Download

Paper Citation

in Harvard Style

Talbi A., Viens A., Leroux L., François M., Caillol M. and Nguyen N. (2022). Feature Importance and Deep Learning for Android Malware Detection. In Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-553-1, pages 453-462. DOI: 10.5220/0010875500003120

in Bibtex Style

@conference{icissp22,
author={A. Talbi and A. Viens and L.-C. Leroux and M. François and M. Caillol and N. Nguyen},
title={Feature Importance and Deep Learning for Android Malware Detection},
booktitle={Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2022},
pages={453-462},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010875500003120},
isbn={978-989-758-553-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Feature Importance and Deep Learning for Android Malware Detection
SN - 978-989-758-553-1
AU - Talbi A.
AU - Viens A.
AU - Leroux L.
AU - François M.
AU - Caillol M.
AU - Nguyen N.
PY - 2022
SP - 453
EP - 462
DO - 10.5220/0010875500003120