Android malware detection based on system call sequences and LSTM |
| |
Authors: | Xiao Xi Zhang Shaofeng Mercaldo Francesco Hu Guangwu Sangaiah Arun Kumar |
| |
Affiliation: | 1.Graduate School At Shenzhen, Tsinghua University, Shenzhen, 518055, China ;2.Institute for Informatics and Telematics, National Research Council of Italy, 56124, Pisa, Italy ;3.School of Computer Science, Shenzhen Institute of Information Technology, Shenzhen, 518172, China ;4.School of Computing Science and Engineering, VIT University, Vellore, 632014, India ; |
| |
Abstract: | As Android-based mobile devices become increasingly popular, malware detection on Android is very crucial nowadays. In this paper, a novel detection method based on deep learning is proposed to distinguish malware from trusted applications. Considering there is some semantic information in system call sequences as the natural language, we treat one system call sequence as a sentence in the language and construct a classifier based on the Long Short-Term Memory (LSTM) language model. In the classifier, at first two LSTM models are trained respectively by the system call sequences from malware and those from benign applications. Then according to these models, two similarity scores are computed. Finally, the classifier determines whether the application under analysis is malicious or trusted by the greater score. Thorough experiments show that our approach can achieve high efficiency and reach high recall of 96.6% with low false positive rate of 9.3%, which is better than the other methods. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|