Username   Password       Forgot your password?  Forgot your username? 


Volume 14 - 2018

No.1 January 2018
No.1 January 2018
No.3 March 2018
No.3 March 2018
No.4 April 2018
No.4 April 2018
No.5 May 2018
No.5 May 2018
No.6 June 2018
No.6 June 2018
No.7 July 2018
No.7 July 2018
No.8 August 2018
No.8 August 2018
No.9 September 2018
No.9 September 2018
No.10 October 2018
No.10 October 2018
No.11 November 2018
No.11 November 2018
No.12 December 2018
No.12 December 2018

Volume 13 - 2017

No.4 July 2017
No.4 July 2017
No.5 September 2017
No.5 September 2017
No.7 November 2017
No.7 November 2017
No.8 December 2017
No.8 December 2017

Volume 12 - 2016

Volume 11 - 2015

Volume 10 - 2014

Volume 9 - 2013

Volume 8 - 2012

Volume 7 - 2011

Volume 6 - 2010

Volume 5 - 2009

Volume 4 - 2008

Volume 3 - 2007

Volume 2 - 2006


Andro_MD: Android Malware Detection based on Convolutional Neural Networks

Volume 14, Number 3, March 2018, pp. 397-412
DOI: 10.23940/ijpe.18.03.p1.397412

Nannan Xiea,b, Xiaoqiang Dia,b,*, Xing Wangc, and Jianping Zhaoa,b

aSchool of Computer Science and Technology, Changchun University of Science and Technology, Changchun, 130022, China
bJilin Provincial Key Laboratory of Network and Information Security, Changchun, 130022, China
cSchool of Computer Science and Information Technology, Beijing Jiaotong University, Beijing, 100044, China

(Submitted on December 20, 2017; Revised on January 21, 2018; Accepted on February 24, 2018)


Android OS maintains its dominance in smart terminal markets, which brings growing threats of malicious applications (apps). The research on Android malware detection has attracted attention from both academia and industry. How to improve the malware detection performance, what classifiers should be selected, and what features should be employed are all critical issues that need to be solved. Convolutional Neural Networks (CNN) is a typical deep learning technique that has achieved great performance in image and speech recognitions. In this work, we present an Android malware detection framework Andro_MD that can train and classify samples with a deep learning technique. The framework includes dataset construction and feature preprocessing, training and classification by CNN, and evaluation by experiments. First, an Android app dataset is constructed with 21,000 samples collected from third-party markets and 34,570 features of 7 categories. Second, we employ sequential and parallel models to train the extracted features and classify the malware apps. Finally, extensive experimental results show the effectiveness and feasibility of the proposed method. Comparisons with similar work and traditional classifiers show that Andro_MD has a better performance on malware detection, and its accuracy can achieve 99.25% with a FPR of 0.53%. The "request permissions" and "used permissions" feature categories have better performances with limited dimensions.


References: 44

1. D. Arp, M. Spreitzenbarth, M. Hbner, et al. “Drebin: Effective and Explainable Detection of Android Malware in Your Pocket,” in: Proc. NDSS’14, 2014.
2. K. Au, Y. Zhou, Z. Huang, et al. “PScout: Analyzing the Android Permission Specification,” in: Proc. of CCS’12, pp. 217-228, 2012
3. A. N. Baltaci, A. Kamil. “AntiWare: An Automated Android Malware Detection Tool Based on Machine Learning Approach and Official Market Metadata,” in: Proc. IEEE UEMCON, pp.20-22, 2016
4. D. Barrera, H. Kayacik, P. Oorschot, et al. “A Methodology for Empirical Analysis of Permission-based Security Models and Its Application to Android,” in: Proc. CCS 10, pp. 73-84, 2010
5. D. P. Chen, B. Mak. “Multitask Learning of Deep Neural Networks for Low-Resource Speech Recognition,” IEEE-ACM Trans. on Audio Speech and Language Processing, vol. 23, no. 7, pp.1172-1183, 2015
6. I. Chaturvedi, Y. S. Ong, I. W. Tsang, et al. “Learning Word Dependencies in Text by Means of A Deep Recurrent Belief Network,” Knowledge-based Systems, vol. 108, no. SI, pp. 144-154, 2016
7. P. Chan, L. Hui, S. Yiu. “Droidchecker: Analyzing Android Applications for Capability Leak,” in: Proc. WISEC’12, pp. 125-136, 2012
8. W. Chang, H. Sun, W. Wu. “An Android Behavior-based Malware Detection Method using Machine Learning,” in: Proc. IEEE ICSPCC, pp.5-8, 2016
9. M. Dietz, S. Shekhar, Y. Pisetsky et al. “Quire: Lightweight Provenance for Smart Phone Operating Systems,” in: Proc. USENIX Security Symp., pp.23-23, 2011
10. O. E. David, N. S. Netanyahu. “DeepSign: Deep Learning for Automatic Malware Signature Generation and Classification,” in: Proc. IJCNN, pp.1-8, 2015
11. W. Enck, M. Ongtang, P McDaniel. “On Lightweight Mobile Phone Application Certification,” in: Proc. CCS 09, pp. 235-245, 2009
12. K. Fukushima. “Neocognitron: A Self-organizing Neural Network Model for A Mechanism of Pattern Recognition Unaffected by Shift in Position,” Biological Cybernetics, vol. 36, no. 4, pp. 193-202, 1980
13. P. Felt, E. Chin, S. Hanna, et al. “Android Permissions Demystified,” in: Proc. CCS 11, pp. 627-638, 2011
14. C. Gao, Y. Cong, Y. Zheng, et al. “Recording Equipment Identifying Research Based on Convolution Neural Networks,” Informatization Research, vol. 42, no. 2, pp. 51-54, 2016
15. G. Hinton, S. Osindero, YW. Teh. “A Fast Learning Algorithm for Deep Belief Nets,” Neural Computation, vol. 18, no. 7, pp. 1527-1554, 2006
16. G. Hinton, R. Salakhutdinov. “Reducing the Dimensionality of Data with Neural Networks,” Science, vol. 313, no. 5786, pp. 504, 2006
17. H. Hubel, N. Wiesel. “Receptive Fields and Functional Architecture of Monkey Striate Cortex,” The Journal of Physiology, vol. 195, no. 1, pp. 215-243, 1968
18. J. Huang, X. Zhang, L. Yan, et al. “AsDroid: Detecting Stealthy Behaviors in Android Applications by User Interface and Program Behaviors Contradiction,” in: Proc. ICSE, pp. 1036-1046, 2014
19. W. Hou, X. Gao, D. Tao, et al. “Blind Image Quality Assessment via Deep Learning,” IEEE Trans. on Neural Networks and Learning Systems, vol. 26, no. 6, pp.1275-1286, 2015
20. S. Jurgen. “Deep Learning in Neural Networks: An Overview,” Neural Networks, vol. 61, pp. 85-117, 2015
21. A. Krizhevsky, I. Sutskever, G. Hinton. “Imagenet Classification with Deep Convolutional Neural Networks,” in: Proc. NIPS, pp. 1097-1105, 2012
22. L. Lu, Z. Li, Z. Wu, et al. “Chex: Statically Vetting Android Apps for Component Hijacking Vulnerabilities,” in: Proc. CCS 12, pp.229-240, 2012
23. X. Liu, S. Zhu, W. Wang, et al. “Alde: Privacy Risk Analysis of Analytics Libraries in the Android Ecosystem,” in: Proc. 12th SecureComm., pp.10-12, 2016
24. Y. LeCun, B. Boser, J. S. Denker, et al. “Back-propagation Applied to Handwritten Zip Code Recognition,” Neural Computation, vol. 1, no. 4, pp. 541-551, 1989
25. Y. LeCun, Y. Bengio, G. Hinton. “Deep Learning,” Nature, vol. 521, no. 7553, pp. 436-444, 2015
26. Y. LeCun, B. Leon, B. Yoshua, et al. “Gradient-based Learning Applied to Document Recognition,” in: Proc. of the IEEE, vol. 86, no. 11, pp. 2278-2324, 1998
27. M. Masud, S. Sahib, M. Abdollah, et al. “Analysis of Features Selection and Machine Learning Classifier in Android Malware Detection,” in: Proc. ICISA, pp.1-5, 2014
28. S. Qing. “Research Progress on Android Security,” Journal of Software, vol. 27, no.1, pp. 45-71, 2016
29. A. Shabtai, U. Kanonov, Y. Elovici, et al. “Andromaly: A Behavioral Malware Detection Framework for Android Devices,” Journal of Intelligent Information Systems, vol.38, no. 1, pp. 161-190, 2012
30. R. Salakhutdinov, G. Hinton. “Deep Boltzmann Machines,” in: Proc. AISTATS, pp. 448-455, 2009
31. “SCanDroid: Automated Security Certification of Android Applications,” Available at, Last accessed on August 7, 2017
32. “Smartphone OS Market Share,” Available at, Last accessed on August 1, 2016
33. Y. Sun, G. Wang, O. Tang. “Hybrid Deep Learning for Face Verification,” IEEE Trans. on Pattern Analysis and Machine Intelligence, vol. 38, no. 10, pp. 1997-2009, 2016
34. “VirusShare,”  Available at, Last accessed on April 4, 2016
35. “VirusTotal,”  Available at, Last accessed on January 1, 2016
36. S. Wu, P. Wang, Y. Zhang. “Effective Detection of Android Malware Based on the Usage of Data Flow APIs and Machine Learning,” Information & Software Technology, vol.75 , pp.17-25, 2016
37. W. Wang, Y. Li, X. Wang, et al. “Detecting Android Malicious Apps and Categorizing Benign Apps with Ensemble of Classifiers,” Future Generation Computer Systems (online first), 2017
38. W. Wang, X. Wang, D. Feng, et al. “Exploring Permission-induced Risk in Android Applications for Malicious Application Detection,” in: Proc. IEEE Trans. on Information Forensics and Security, pp.1869-1882, 2014
39. “Xmandroid: A New Android Evolution to Mitigate Privilege Escalation Attacks. Ruhr-University Bochum,” Available at publication/228960321_XManDroid_A_New_Android_Evolution_to_Mitigate_Privilege_Escalation_Attacks, Last accessed on October 5, 2017
40. X. L. Zhang, D. L. Wang. “A Deep Ensemble Learning Method for Monaural Speech Separation,” IEEE-ACM Trans. on Audio Speech and Language Processing, vol. 24, no. 5, pp. 967-977, 2016
41. Y. Zhang, Z. Liu, W. Zhou. “Event Recognition Based on Deep Learning in Chinese Texts,” PLOS ONE, vol.11, no. 8, 2016.
42. Y. Zhou, X. Jiang. “Detecting Android Malware: Characterization and Evolution,” in: Proc. of IEEE Symposium on SP, pp. 95-109, 2012
43. Z. L. Yuan, Y. Q. Lu, Z. G. Wang, et al. “Droid-Sec: Deep Learning in Android Malware Detection,” ACM Sigcomm Computer Communication Review, vol. 44, no. 4, pp. 371-372, 2014
44. Z. L. Yuan, Y. Q. Lu, Y. B. Xue. “DroidDetector: Android Malware Characterization and Detection Using Deep Learning,” Tsinghua Science and Technology, vol.21, no.1, pp.114-123, 2016


Please note : You will need Adobe Acrobat viewer to view the full articles.Get Free Adobe Reader

Download this file (IJPE-2018-03-15.pdf)IJPE-2018-03-15.pdf[Andro_MD: Android Malware Detection based on Convolutional Neural Networks]404 Kb


Prev Next

A Label Propagation Algorithm based on Circular Spread

Yong Wang, Xinzhen Fang, Jiahao Shi, and Jing Yang

Read more

Abnormal Information Identification and Elimination in Cognitive Networks

Ruowu Wu, Xiang Chen, Hui Han, Haojun Zhao, and Yun Lin

Read more

A Framework of Intrusion Detection System based on Bayesian Network in IoT

Qingping Shi, Jian Kang, Rong Wang, Hang Yi, Yun Lin, and Jie Wang

Read more

Marine Three-Shaft Intercooled-Cycle Gas Turbine Engine Transient Thermodynamic Simulation

Jingchao Li, Guoyin Zhang, Yulong Ying,Wanying Shi, and Dongyuan Bi

Read more

An Optimization Method for XML Twig Query

Zhixue He, Huan Wang, and Husheng Liao

Read more

An Indoor Fusion Localization Method using Pedestrian Dead Reckoning

Qian Zhao, Peng Luan, Huiqiang Wang, Hongwu Lv, Guangsheng Feng, and Mao Tang

Read more

Delay Constraint Data Collection Strategy in VANET

Huanhuan Yang, Zongpu Jia, and Guojun Xie

Read more

Parallel Optimization of KNN Query Strategy based on Road Network

Boqi Hu, Hailong Sun, Fangsong Li, Chao Jiang, and Weitao Zou

Read more

An Improved TOA Model based on Error Correction and Self-Genetic Algorithm

Xuyang Wang, Yaxi Wang, Zhongkai Dang, Hongmei Pei, and Long Zhang

Read more

A Bipartite Graph Matching Algorithm in Human-Computer Collaboration

Junfeng Man, Longqian Zhao, Ming Liu, Cheng Peng, and Qianqian Li

Read more

A Distributed Secure Monitoring System based on Blockchain

Guangsong Yang, Xinwen Wu, Yiliang Wu, and Chincheng Chen

Read more

Design of Outcome-based Education Blockchain

Tao Li, Bin Duan, Dayu Liu, and Zhen Fu

Read more

An Automatic Web Data Extraction Approach based on Path Index Trees

Yan Wen, Qingtian Zeng, Hua Duan, Feng Zhang, and Xin Chen

Read more

Deep Web Entity Identification Method with Unique Constraint

Xuefeng Xian, Pengpeng Zhao, Zhaobin Liu, Caidong Gu, and Victor S. Sheng

Read more

A Hierarchical Caching Decision Algorithm for Content-Centric Network

Zengyu Cai, Xuhui Wang, Jianwei Zhang, Wanwei Huang, and Yong Gan

Read more

New Polling Scheme based on Busy/Idle Queues Mechanism

Zhijun Yang, Yangyang Sun, and Jianhou Gan

Read more
This site uses encryption for transmitting your passwords.