Citation: HAO Jingwei, LUO Senlin, ZHANG Hanqing, et al. Android malicious APP multi-view family classification method[J]. Journal of Beijing University of Aeronautics and Astronautics, 2022, 48(5): 795-804. doi: 10.13700/j.bh.1001-5965.2020.0658 (in Chinese)
To address the incomplete and overly narrow feature construction in existing Android malware family classification methods, a malicious APP family classification method based on multi-view feature regularization and a convolutional neural network (CNN) is proposed. The MiniHash algorithm is used to visualize the original features of three views, namely Android framework APIs, opcode sequences, and the permissions and Intents in the AndroidManifest.xml file, while retaining the similarity among APPs. A multi-view convolutional neural network performs the feature extraction and information fusion of each view, and a set of malicious APP family classification models is then built. Experimental results on the public Drebin, Genome and AMD datasets show that the classification accuracy for malicious APP families is over 0.96, which demonstrates that the proposed method can fully exploit the behavioral characteristic information of each view and make effective use of the heterogeneous characteristics among the views, giving it strong practical value.
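The following added example (not code from the paper) sketches how a similarity-preserving "image" per view can be built, assuming the abstract's MiniHash denotes the standard MinHash scheme. The 8x8 grid, the opcode trigrams, the one-byte pixels and all sample APP features are assumptions constructed for illustration.

```python
import hashlib

VIEWS = ("api", "opcode", "manifest")  # the three views named in the abstract
SIDE = 8  # assumed image side; SIDE*SIDE hash functions per view

def _hash(seed, token):
    salt = seed.to_bytes(8, "little")
    digest = hashlib.blake2b(token.encode(), digest_size=8, salt=salt).digest()
    return int.from_bytes(digest, "big")

def ngrams(seq, n=3):
    """Turn an ordered opcode sequence into a set of n-gram tokens (n is assumed)."""
    return {" ".join(seq[i:i + n]) for i in range(len(seq) - n + 1)}

def view_image(features, side=SIDE):
    """MinHash a feature set and lay the signature out as a side x side grey grid."""
    if not features:  # e.g. an APP that declares no permissions or Intents
        return [[0] * side for _ in range(side)]
    # Keep the low byte of each minimum: it is uniform, the high byte is skewed small.
    sig = [min(_hash(s, f) for f in features) & 0xFF for s in range(side * side)]
    return [sig[r * side:(r + 1) * side] for r in range(side)]

def app_images(app):
    return {v: view_image(app.get(v, set())) for v in VIEWS}

def similarity(img_a, img_b):
    """Fraction of equal pixels, an estimate of the Jaccard similarity of the sets."""
    a = [p for row in img_a for p in row]
    b = [p for row in img_b for p in row]
    return sum(x == y for x, y in zip(a, b)) / len(a)

def compare(app_a, app_b):
    ia, ib = app_images(app_a), app_images(app_b)
    return {v: similarity(ia[v], ib[v]) for v in VIEWS}

# Constructed samples: A1 and A2 stand for one family, B for an unrelated one.
_OPS = "const invoke move if goto const invoke move return new invoke iput".split()
A1 = {"api": {f"sms.api.{i}" for i in range(10)},
      "opcode": ngrams(_OPS),
      "manifest": {"SEND_SMS", "READ_SMS", "INTERNET", "BOOT_COMPLETED", "READ_CONTACTS"}}
A2 = {"api": A1["api"] | {"net.api.0"},
      "opcode": ngrams(_OPS[:6] + ["sget"] + _OPS[7:]),
      "manifest": A1["manifest"] | {"RECEIVE_SMS"}}
B = {"api": {f"camera.api.{i}" for i in range(10)},
     "opcode": ngrams("aget add mul aput sub div rem shl shr xor".split()),
     "manifest": {"CAMERA", "VIBRATE"}}

if __name__ == "__main__":
    print("same family:", compare(A1, A2))
    print("other family:", compare(A1, B))
```

Each view yields its own grid, so the three grids can be fed to separate CNN branches; pixel agreement between two APPs tracks the overlap of their feature sets in that view.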