Android Malware Detection Based on RGB Images and Multi-feature Fusion
- URL: http://arxiv.org/abs/2408.16555v1
- Date: Thu, 29 Aug 2024 14:18:54 GMT
- Title: Android Malware Detection Based on RGB Images and Multi-feature Fusion
- Authors: Zhiqiang Wang, Qiulong Yu, Sicheng Yuan,
- Abstract summary: This paper proposes an end-to-end Android malware detection technique based on RGB images and multi-feature fusion. Experiments demonstrate that the proposed method effectively captures Android malware characteristics, achieving an accuracy of up to 97.25%.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: With the widespread adoption of smartphones, Android malware has become a significant challenge in the field of mobile device security. Current Android malware detection methods often rely on feature engineering to construct dynamic or static features, which are then used for learning. However, static feature-based methods struggle to counter code obfuscation, packing, and signing techniques, while dynamic feature-based methods involve time-consuming feature extraction. Image-based methods for Android malware detection offer better resilience against malware variants and polymorphic malware. This paper proposes an end-to-end Android malware detection technique based on RGB images and multi-feature fusion. The approach involves extracting Dalvik Executable (DEX) files, AndroidManifest.xml files, and API calls from APK files, converting them into grayscale images, and enhancing their texture features using Canny edge detection, histogram equalization, and adaptive thresholding techniques. These grayscale images are then combined into an RGB image containing multi-feature fusion information, which is analyzed using mainstream image classification models for Android malware detection. Extensive experiments demonstrate that the proposed method effectively captures Android malware characteristics, achieving an accuracy of up to 97.25%, outperforming existing detection methods that rely solely on DEX files as classification features. Additionally, ablation experiments confirm the effectiveness of using the three key files for feature representation in the proposed approach.
Related papers
- Detecting Android Malware by Visualizing App Behaviors from Multiple Complementary Views [28.69137642535078]
We propose and implement LensDroid, a novel technique that detects Android malware by visualizing app behaviors from multiple complementary views.
Our goal is to harness the power of combining deep learning and software visualization to automatically capture and aggregate high-level features that are not inherently linked.
arXiv Detail & Related papers (2024-10-08T16:00:27Z)
- MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware.
We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph.
This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
arXiv Detail & Related papers (2024-09-29T07:22:47Z)
- Light up that Droid! On the Effectiveness of Static Analysis Features against App Obfuscation for Android Malware Detection [42.50353398405467]
Malware authors have seen obfuscation as the means to bypass malware detectors based on static analysis features.
In this article we assess the impact of specific obfuscation techniques on common features extracted using static analysis.
We propose a ML malware detector for Android that is robust against obfuscation and outperforms current state-of-the-art detectors.
arXiv Detail & Related papers (2023-10-24T09:07:23Z)
- Design of secure and robust cognitive system for malware detection [0.571097144710995]
Adversarial samples are generated by intelligently crafting and adding perturbations to the input samples.
The aim of this thesis is to address the critical system security issues.
A novel technique to detect stealthy malware is proposed.
arXiv Detail & Related papers (2022-08-03T18:52:38Z)
- ObjectFormer for Image Manipulation Detection and Localization [118.89882740099137]
We propose ObjectFormer to detect and localize image manipulations.
We extract high-frequency features of the images and combine them with RGB features as multimodal patch embeddings.
We conduct extensive experiments on various datasets and the results verify the effectiveness of the proposed method.
arXiv Detail & Related papers (2022-03-28T12:27:34Z)
- DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection based on Image Representation of Bytecode [3.820544053981168]
We develop and assess a baseline pipeline for image-based malware detection with straightforward steps.
We propose DexRay, which converts the bytecode of the app DEX files into grey-scale "vector" images and feeds them to a 1-dimensional Convolutional Neural Network model.
The performance of DexRay evaluated on over 158k apps demonstrates that, while simple, our approach is effective with a high detection rate.
arXiv Detail & Related papers (2021-09-05T16:33:05Z)
- M2TR: Multi-modal Multi-scale Transformers for Deepfake Detection [74.19291916812921]
Forged images generated by Deepfake techniques pose a serious threat to the trustworthiness of digital information.
In this paper, we aim to capture the subtle manipulation artifacts at different scales for Deepfake detection.
We introduce a high-quality Deepfake dataset, SR-DF, which consists of 4,000 DeepFake videos generated by state-of-the-art face swapping and facial reenactment methods.
arXiv Detail & Related papers (2021-04-20T05:43:44Z)
- A Novel Malware Detection Mechanism based on Features Extracted from Converted Malware Binary Images [0.22843885788439805]
We use malware binary images and then extract different features from the same and then employ different ML-classifiers on the dataset thus obtained.
We show that this technique is successful in differentiating classes of malware based on the features extracted.
arXiv Detail & Related papers (2021-04-14T06:55:52Z)
- Adversarial Attacks on Binary Image Recognition Systems [78.78811131936622]
We study adversarial attacks on models for binary (i.e. black and white) image classification.
In contrast to colored and grayscale images, the search space of attacks on binary images is extremely restricted.
We introduce a new attack algorithm called SCAR, designed to fool classifiers of binary images.
arXiv Detail & Related papers (2020-10-22T14:57:42Z)
- Instance-aware Image Colorization [51.12040118366072]
In this paper, we propose a method for achieving instance-aware colorization.
Our network architecture leverages an off-the-shelf object detector to obtain cropped object images.
We use a similar network to extract the full-image features and apply a fusion module to predict the final colors.
arXiv Detail & Related papers (2020-05-21T17:59:23Z)
- Discernible Image Compression [124.08063151879173]
This paper aims to produce compressed images by pursuing both appearance and perceptual consistency.
Based on the encoder-decoder framework, we propose using a pre-trained CNN to extract features of the original and compressed images.
Experiments on benchmarks demonstrate that images compressed by using the proposed method can also be well recognized by subsequent visual recognition and detection models.
arXiv Detail & Related papers (2020-02-17T07:35:08Z)
This list is automatically generated from the titles and abstracts of the papers in this site.