Enhancing Malware Detection for Android Apps: Detecting Fine-granularity Malicious Components
Existing Android malware detection systems primarily concentrate on detecting malware apps, leaving a gap in the research concerning the detection of malicious components in apps. In this work, we propose a novel approach to detect fine-granularity malicious components for Android apps and build a prototype (AMCDroid). For a given app, AMCDroid first models app behavior to a homogenous graph based on the call graph and code statements of the app. Then, the graph is converted to a statement tree sequence for malware detection through the AST-based Neural Network with Feature Mapping (ASTNNF) model. Finally, if the app is detected as malware, AMCDroid applies fine-granularity malicious component detection (MCD) algorithm which is based on many-objective genetic algorithm to the homogenous graph for detecting malicious component in the app adaptively. We evaluate AMCDroid on 95,134 samples. Compared with the other two state-of-the-art methods in malware detection, AMCDroid gets the highest performance on the test set with 0.9699 F1-Score, and shows better robustness in facing obfuscation. Moreover, AMCDroid is capable of detecting fine-granularity malicious components of (obfuscated) malware apps. Especially, its average F1-Score exceeds another state-of-the-art method by 50%.
| slides (AMCDroid.pptx) | 2.52MiB |
Thu 14 SepDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
10:30 - 12:00 | Mobile Development 1Research Papers / Tool Demonstrations / Journal-first Papers at Room D Chair(s): Jordan Samhi CISPA Helmholtz Center for Information Security | ||
10:30 12mTalk | Taming Android Fragmentation through Lightweight Crowdsourced Testing Journal-first Papers Xiaoyu Sun Australian National University, Australia, Xiao Chen Monash University, Yonghui Liu Monash University, John Grundy Monash University, Li Li Beihang University Media Attached File Attached | ||
10:42 12mTalk | Enhancing Malware Detection for Android Apps: Detecting Fine-granularity Malicious Components Research Papers Zhijie Liu ShanghaiTech University, China, Liangfeng Zhang School of Information Science and Technology, ShanghaiTech University, Yutian Tang University of Glasgow File Attached | ||
10:54 12mTalk | Fine-Grained In-Context Permission Classification for Android Apps using Control-Flow Graph Embedding Research Papers Vikas K. Malviya Singapore Management University, Yan Naing Tun Singapore Management University, Chee Wei Leow Singapore Management University, Ailys Tee Xynyn Singapore Management University, Lwin Khin Shar Singapore Management University, Lingxiao Jiang Singapore Management University File Attached | ||
11:06 12mTalk | How Android Apps Break the Data Minimization Principle: An Empirical Study Research Papers Shaokun Zhang Peking University, Hanwen Lei Peking University, Yuanpeng Wang Peking University, Ding Li Peking University, Yao Guo Peking University, Xiangqun Chen Peking University Pre-print File Attached | ||
11:18 12mTalk | ICTDroid: Parameter-Aware Combinatorial Testing for Components of Android Apps Tool Demonstrations Shixin Zhang Institute of Software, Chinese Academy of Sciences, Shanna Li Beijing Jiaotong University, Xi Deng Institute of Software, Chinese Academy of Sciences, Jiwei Yan Institute of Software at Chinese Academy of Sciences, China, Jun Yan Institute of Software at Chinese Academy of Sciences; University of Chinese Academy of Sciences Media Attached File Attached | ||
11:30 12mTalk | DeepScaler: Holistic Autoscaling for Microservices Based on Spatiotemporal GNN with Adaptive Graph Learning Research Papers Chunyang Meng Sun Yat-sen University, Shijie Song Sun Yat-sen University, Haogang Tong Sun Yat-sen University, Maolin Pan Sun Yat-sen University, Yang Yu Sun Yat-sen University Pre-print File Attached | ||