Smali code-based deep learning model for Android malware detection

Smali code-based deep learning model for Android malware detection

연구 분야: Safety

학회: The Journal of Supercomputing

With the widespread adoption of smartphones and the exponential growth of the mobile Internet, the Android platform has emerged as a highly popular choice. However, the platform’s open-source nature has also made it vulnerable to a surge in malware attacks. To address this pressing issue, this research paper introduces a robust malware detection system based on Smali-GRU (gated recurrent unit) network, aimed at enhancing the efficiency of malware detection on the Android platform. The proposed detection system employs a static analysis approach to extract Smali files from Android application packages (APKs). These extracted Smali files then undergo a series of pre-processing steps to extract pertinent features. To ensure compatibility with the GRU model, the preprocessed Smali files are fragmented into smaller segments. The paper explores and tests fragments of varying sizes to identify the optimal configuration that yields the most promising results. The study’s findings highlight that the proposed Smali-GRU model outperforms existing works that employ the same dataset and GRU model, resulting in an impressive accuracy of 98.29%. Furthermore, the robustness of the model is evaluated using a dataset of obfuscated malware. The results obtained highlight the efficacy and superiority of the proposed model in successfully detecting obfuscated malware in Android applications.