DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode

• URL: http://arxiv.org/abs/2109.03326v1
• Date: Sun, 5 Sep 2021 16:33:05 GMT
• Title: DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode
• Authors: Nadia Daoudi, Jordan Samhi, Abdoul Kader Kabore, Kevin Allix, Tegawend\'e F. Bissyand\'e, and Jacques Klein
• Abstract summary: We develop and assess a baseline pipeline for image-based malware detection with straightforward steps. We propose DexRay, which converts the bytecode of the app DEX files into grey-scale "vector" images and feeds them to a 1-dimensional Convolutional Neural Network model. The performance of DexRay evaluated on over 158k apps demonstrates that, while simple, our approach is effective with a high detection rate.
• Score: 3.820544053981168
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Computer vision has witnessed several advances in recent years, with unprecedented performance provided by deep representation learning research. Image formats thus appear attractive to other fields such as malware detection, where deep learning on images alleviates the need for comprehensively hand-crafted features generalising to different malware variants. We postulate that this research direction could become the next frontier in Android malware detection, and therefore requires a clear roadmap to ensure that new approaches indeed bring novel contributions. We contribute with a first building block by developing and assessing a baseline pipeline for image-based malware detection with straightforward steps. We propose DexRay, which converts the bytecode of the app DEX files into grey-scale "vector" images and feeds them to a 1-dimensional Convolutional Neural Network model. We view DexRay as foundational due to the exceedingly basic nature of the design choices, allowing to infer what could be a minimal performance that can be obtained with image-based learning in malware detection. The performance of DexRay evaluated on over 158k apps demonstrates that, while simple, our approach is effective with a high detection rate(F1-score= 0.96). Finally, we investigate the impact of time decay and image-resizing on the performance of DexRay and assess its resilience to obfuscation. This work-in-progress paper contributes to the domain of Deep Learning based Malware detection by providing a sound, simple, yet effective approach (with available artefacts) that can be the basis to scope the many profound questions that will need to be investigated to fully develop this domain.

Related papers

• Effective and Efficient Adversarial Detection for Vision-Language Models via A Single Vector [97.92369017531038]
  We build a new laRge-scale Adervsarial images dataset with Diverse hArmful Responses (RADAR) We then develop a novel iN-time Embedding-based AdveRSarial Image DEtection (NEARSIDE) method, which exploits a single vector that distilled from the hidden states of Visual Language Models (VLMs) to achieve the detection of adversarial images against benign ones in the input.
  arXiv  Detail & Related papers  (2024-10-30T10:33:10Z)
• Zero-Shot Detection of AI-Generated Images [54.01282123570917]
  We propose a zero-shot entropy-based detector (ZED) to detect AI-generated images. Inspired by recent works on machine-generated text detection, our idea is to measure how surprising the image under analysis is compared to a model of real images. ZED achieves an average improvement of more than 3% over the SoTA in terms of accuracy.
  arXiv  Detail & Related papers  (2024-09-24T08:46:13Z)
• High-resolution Image-based Malware Classification using Multiple Instance Learning [0.0]
  This paper proposes a novel method of classifying malware into families using high-resolution greyscale images and multiple instance learning. The implementation is evaluated on the Microsoft Malware Classification dataset and achieves accuracies of up to $96.6%$ on adversarially enlarged samples.
  arXiv  Detail & Related papers  (2023-11-21T18:11:26Z)
• A Survey on Malware Detection with Graph Representation Learning [0.0]
  Malware detection has become a major concern due to the increasing number and complexity of malware. In recent years, Machine Learning (ML) and notably Deep Learning (DL) achieved impressive results in malware detection by learning useful representations from data. This paper provides an in-depth literature review to summarize and unify existing works under the common approaches and architectures.
  arXiv  Detail & Related papers  (2023-03-28T14:27:08Z)
• Artificial Intelligence for Automatic Detection and Classification Disease on the X-Ray Images [0.0]
  This work presents rapid detection of diseases in the lung using the efficient Deep learning pre-trained RepVGG algorithm. We are applying Artificial Intelligence technology for automatic highlighted detection of affected areas of people's lungs.
  arXiv  Detail & Related papers  (2022-11-14T03:51:12Z)
• Design of secure and robust cognitive system for malware detection [0.571097144710995]
  Adversarial samples are generated by intelligently crafting and adding perturbations to the input samples. The aim of this thesis is to address the critical system security issues. A novel technique to detect stealthy malware is proposed.
  arXiv  Detail & Related papers  (2022-08-03T18:52:38Z)
• RestoreDet: Degradation Equivariant Representation for Object Detection in Low Resolution Images [81.91416537019835]
  We propose a novel framework, RestoreDet, to detect objects in degraded low resolution images. Our framework based on CenterNet has achieved superior performance compared with existing methods when facing variant degradation situations.
  arXiv  Detail & Related papers  (2022-01-07T03:40:23Z)
• Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis [69.09526348527203]
  Deep generative models have led to highly realistic media, known as deepfakes, that are commonly indistinguishable from real to human eyes. We propose a novel fake detection that is designed to re-synthesize testing images and extract visual cues for detection. We demonstrate the improved effectiveness, cross-GAN generalization, and robustness against perturbations of our approach in a variety of detection scenarios.
  arXiv  Detail & Related papers  (2021-05-29T21:22:24Z)
• Image Restoration by Deep Projected GSURE [115.57142046076164]
  Ill-posed inverse problems appear in many image processing applications, such as deblurring and super-resolution. We propose a new image restoration framework that is based on minimizing a loss function that includes a "projected-version" of the Generalized SteinUnbiased Risk Estimator (GSURE) and parameterization of the latent image by a CNN.
  arXiv  Detail & Related papers  (2021-02-04T08:52:46Z)
• Malware Detection Using Frequency Domain-Based Image Visualization and Deep Learning [16.224649756613655]
  We propose a novel method to detect and visualize malware through image classification. The executable binaries are represented as grayscale images obtained from the count of N-grams (N=2) of bytes in the Discrete Cosine Transform domain. A shallow neural network is trained for classification, and its accuracy is compared with deep-network architectures such as ResNet that are trained using transfer learning.
  arXiv  Detail & Related papers  (2021-01-26T06:07:46Z)
• NAS-DIP: Learning Deep Image Prior with Neural Architecture Search [65.79109790446257]
  Recent work has shown that the structure of deep convolutional neural networks can be used as a structured image prior. We propose to search for neural architectures that capture stronger image priors. We search for an improved network by leveraging an existing neural architecture search algorithm.
  arXiv  Detail & Related papers  (2020-08-26T17:59:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.