TY - GEN
T1 - Android Malware Detection Using Long Short Term Memory Recurrent Neural Networks
AU - Georgieva, Lilia
AU - Lamarque, Basile
N1 - Publisher Copyright:
© 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2022/2/2
Y1 - 2022/2/2
N2 - In this paper, we study the security attacks on Android using Long Short Term Memory (LSTM) Recurrent Neural Networks. As one of the most popular operating systems, Android is a prime target for security attacks. Only in 2019, 10.5 million malware was detected. Recursive neural networks are in essence machine models made up of a list of cells. Their particularity is that part of the output of the previous cell is used as input for the next one. LSTM have shown good results in several areas, for example, text generation, translation, trajectory prediction. Among the recursive neural network models, LSTM is one of the most efficient approaches to sequence classification as it is able to make relations between very distant elements in a sequence. This research explored the application of LSTM for Android malware detection using source code decompiled from the Android Application Package (APK). The approach we have tried is to first extract the instructions from the source code while respecting their execution order as much as possible. We then explored several ways to filter and encode these instructions. For all feature sets we created, we obtained an accuracy greater than 70 % of accuracy and for some feature sets the accuracy reached 83 % showing that it is possible to successfully detect malware using source code and LSTM.
AB - In this paper, we study the security attacks on Android using Long Short Term Memory (LSTM) Recurrent Neural Networks. As one of the most popular operating systems, Android is a prime target for security attacks. Only in 2019, 10.5 million malware was detected. Recursive neural networks are in essence machine models made up of a list of cells. Their particularity is that part of the output of the previous cell is used as input for the next one. LSTM have shown good results in several areas, for example, text generation, translation, trajectory prediction. Among the recursive neural network models, LSTM is one of the most efficient approaches to sequence classification as it is able to make relations between very distant elements in a sequence. This research explored the application of LSTM for Android malware detection using source code decompiled from the Android Application Package (APK). The approach we have tried is to first extract the instructions from the source code while respecting their execution order as much as possible. We then explored several ways to filter and encode these instructions. For all feature sets we created, we obtained an accuracy greater than 70 % of accuracy and for some feature sets the accuracy reached 83 % showing that it is possible to successfully detect malware using source code and LSTM.
UR - http://www.scopus.com/inward/record.url?scp=85125237882&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-95918-0_5
DO - 10.1007/978-3-030-95918-0_5
M3 - Conference contribution
AN - SCOPUS:85125237882
SN - 9783030959173
T3 - Lecture Notes in Networks and Systems
SP - 42
EP - 52
BT - Proceedings of the International Conference on Applied CyberSecurity (ACS) 2021
A2 - Ragab Hassen, Hani
A2 - Batatia, Hadj
PB - Springer
T2 - International Conference on Applied CyberSecurity 2021
Y2 - 13 November 2021 through 14 November 2021
ER -