IoT-based Android Malware Detection Using Graph Neural Network With Adversarial Defense

• URL: http://arxiv.org/abs/2512.20004v1
• Date: Tue, 23 Dec 2025 02:57:33 GMT
• Title: IoT-based Android Malware Detection Using Graph Neural Network With Adversarial Defense
• Authors: Rahul Yumlembam, Biju Issac, Seibu Mary Jacob, Longzhi Yang,
• Abstract summary: We show the effectiveness of graph-based classification using a Graph Neural Network (GNN)-based classifier to generate API graph embeddings.<n>We propose a Generative Adversarial Network (GAN)-based attack algorithm named VGAE-MalGAN targeting graph-based GNN Android malware classifiers.
• Score: 3.2846283642465077
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Since the Internet of Things (IoT) is widely adopted using Android applications, detecting malicious Android apps is essential. In recent years, Android graph-based deep learning research has proposed many approaches to extract relationships from applications as graphs to generate graph embeddings. First, we demonstrate the effectiveness of graph-based classification using a Graph Neural Network (GNN)-based classifier to generate API graph embeddings. The graph embeddings are combined with Permission and Intent features to train multiple machine learning and deep learning models for Android malware detection. The proposed classification approach achieves an accuracy of 98.33 percent on the CICMaldroid dataset and 98.68 percent on the Drebin dataset. However, graph-based deep learning models are vulnerable, as attackers can add fake relationships to evade detection by the classifier. Second, we propose a Generative Adversarial Network (GAN)-based attack algorithm named VGAE-MalGAN targeting graph-based GNN Android malware classifiers. The VGAE-MalGAN generator produces adversarial malware API graphs, while the VGAE-MalGAN substitute detector attempts to mimic the target detector. Experimental results show that VGAE-MalGAN can significantly reduce the detection rate of GNN-based malware classifiers. Although the model initially fails to detect adversarial malware, retraining with generated adversarial samples improves robustness and helps mitigate adversarial attacks.

Related papers

• MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
  We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware. We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph. This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
  arXiv  Detail & Related papers  (2024-09-29T07:22:47Z)
• HGAttack: Transferable Heterogeneous Graph Adversarial Attack [63.35560741500611]
  Heterogeneous Graph Neural Networks (HGNNs) are increasingly recognized for their performance in areas like the web and e-commerce. This paper introduces HGAttack, the first dedicated gray box evasion attack method for heterogeneous graphs.
  arXiv  Detail & Related papers  (2024-01-18T12:47:13Z)
• GOODAT: Towards Test-time Graph Out-of-Distribution Detection [103.40396427724667]
  Graph neural networks (GNNs) have found widespread application in modeling graph data across diverse domains. Recent studies have explored graph OOD detection, often focusing on training a specific model or modifying the data on top of a well-trained GNN. This paper introduces a data-centric, unsupervised, and plug-and-play solution that operates independently of training data and modifications of GNN architecture.
  arXiv  Detail & Related papers  (2024-01-10T08:37:39Z)
• OCGEC: One-class Graph Embedding Classification for DNN Backdoor Detection [18.11795712499763]
  This study proposes a novel one-class classification framework called One-class Graph Embedding Classification (OCGEC) OCGEC uses GNNs for model-level backdoor detection with only a little amount of clean data. In comparison to other baselines, it achieves AUC scores of more than 98% on a number of tasks.
  arXiv  Detail & Related papers  (2023-12-04T02:48:40Z)
• A Survey on Malware Detection with Graph Representation Learning [0.0]
  Malware detection has become a major concern due to the increasing number and complexity of malware. In recent years, Machine Learning (ML) and notably Deep Learning (DL) achieved impressive results in malware detection by learning useful representations from data. This paper provides an in-depth literature review to summarize and unify existing works under the common approaches and architectures.
  arXiv  Detail & Related papers  (2023-03-28T14:27:08Z)
• A Comparison of Graph Neural Networks for Malware Classification [2.707154152696381]
  We train a wide range of Graph Neural Network (GNN) architectures to generate embeddings which we then classify. We find that our best GNN models outperform previous comparable research involving the well-known MalNet-Tiny Android malware dataset.
  arXiv  Detail & Related papers  (2023-03-22T01:05:57Z)
• Model Inversion Attacks against Graph Neural Networks [65.35955643325038]
  We study model inversion attacks against Graph Neural Networks (GNNs) In this paper, we present GraphMI to infer the private training graph data. Our experimental results show that such defenses are not sufficiently effective and call for more advanced defenses against privacy attacks.
  arXiv  Detail & Related papers  (2022-09-16T09:13:43Z)
• Graph Neural Network-based Android Malware Classification with Jumping Knowledge [3.408873763213743]
  This paper proposes a GNN-based method for Android malware detection by capturing meaningful intra-procedural call path patterns. A Jumping-Knowledge technique is applied to minimize the effect of the over-smoothing problem. The proposed method has been extensively evaluated using two benchmark datasets.
  arXiv  Detail & Related papers  (2022-01-19T11:29:02Z)
• GANG-MAM: GAN based enGine for Modifying Android Malware [1.6799377888527687]
  Malware detectors based on machine learning are vulnerable to adversarial attacks. We propose a system that produces a feature vector for making an Android malware strongly evasive and then modify the malicious program accordingly.
  arXiv  Detail & Related papers  (2021-09-27T18:36:20Z)
• Graph Structure Learning for Robust Graph Neural Networks [63.04935468644495]
  Graph Neural Networks (GNNs) are powerful tools in representation learning for graphs. Recent studies show that GNNs are vulnerable to carefully-crafted perturbations, called adversarial attacks. We propose a general framework Pro-GNN, which can jointly learn a structural graph and a robust graph neural network model.
  arXiv  Detail & Related papers  (2020-05-20T17:07:05Z)
• Adversarial Attack on Community Detection by Hiding Individuals [68.76889102470203]
  We focus on black-box attack and aim to hide targeted individuals from the detection of deep graph community detection models. We propose an iterative learning framework that takes turns to update two modules: one working as the constrained graph generator and the other as the surrogate community detection model.
  arXiv  Detail & Related papers  (2020-01-22T09:50:04Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.