TinyDroid: A Lightweight and Efficient Model for Android Malware Detection and Classification Article Swipe

PDF

Related Concepts

opcode computer science malware android (operating system) android malware scalability machine learning artificial intelligence system call classifier (uml) executable bytecode data mining operating system java

Tieming Chen , Qingyu Mao , Yimin Yang , Mingqi Lv , Jianming Zhu ·

YOU? · · 2018 · Open Access · · DOI: https://doi.org/10.1155/2018/4157156 · OA: W2897887243

With the popularity of Android applications, Android malware has an exponential growth trend. In order to detect Android malware effectively, this paper proposes a novel lightweight static detection model, TinyDroid , using instruction simplification and machine learning technique. First, a symbol-based simplification method is proposed to abstract the opcode sequence decompiled from Android Dalvik Executable files. Then, N-gram is employed to extract features from the simplified opcode sequence, and a classifier is trained for the malware detection and classification tasks. To improve the efficiency and scalability of the proposed detection model, a compression procedure is also used to reduce features and select exemplars for the malware sample dataset. TinyDroid is compared against the state-of-the-art antivirus tools in real world using Drebin dataset. The experimental results show that TinyDroid can get a higher accuracy rate and lower false alarm rate with satisfied efficiency.