About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Security and Privacy in Communication Networks. 16th EAI International Conference, SecureComm 2020, Washington, DC, USA, October 21-23, 2020, Proceedings, Part II

Research Article

AOMDroid: Detecting Obfuscation Variants of Android Malware Using Transfer Learning

Download(Requires a free EAI acccount)
3 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-63095-9_14,
        author={Yu Jiang and Ruixuan Li and Junwei Tang and Ali Davanian and Heng Yin},
        title={AOMDroid: Detecting Obfuscation Variants of Android Malware Using Transfer Learning},
        proceedings={Security and Privacy in Communication Networks. 16th EAI International Conference, SecureComm 2020, Washington, DC, USA, October 21-23, 2020, Proceedings, Part II},
        proceedings_a={SECURECOMM PART 2},
        year={2020},
        month={12},
        keywords={Android security Malware detection Malicious behavior family Obfuscation Transfer learning},
        doi={10.1007/978-3-030-63095-9_14}
    }
    
  • Yu Jiang
    Ruixuan Li
    Junwei Tang
    Ali Davanian
    Heng Yin
    Year: 2020
    AOMDroid: Detecting Obfuscation Variants of Android Malware Using Transfer Learning
    SECURECOMM PART 2
    Springer
    DOI: 10.1007/978-3-030-63095-9_14
Yu Jiang, Ruixuan Li,*, Junwei Tang, Ali Davanian1, Heng Yin1
  • 1: University of California
*Contact email: rxli@hust.edu.cn

Abstract

Android with its large market attracts malware developers. Malware developers employ obfuscation techniques to bypass malware detection mechanisms. Existing systems cannot effectively detect obfuscated Android malware. In this paper, We propose a novel approach to identify obfuscated Android malware. Our proposed approach is based on the intuition that opcode sequences are more resilient to the obfuscation techniques. We first propose an effective approach based on TFIDF algorithm to identify distinctive opcode sequences. Then we represent the opcode sequences as images and reduce the problem of identifying an obfuscated malware to the problem of transforming two images to one another, i.e. unobfuscated malware representation to the obfuscated one. In order to achieve the above, we resort to the transfer learning. We implemented a prototype dubbed AOMDroid based on the proposed approach and extensively evaluated its performance of accuracy and detection time. AOMDroid outperforms four related works that we compared with, and has an accuracy rate of 92.26% in detecting Android obfuscated malware. In addition, AOMDroid supports the detection of 21 Android malware family types. Its malware family detecion accuracy rate is 87.39%. The average time spent by AOMDroid to detect a single Android application is 0.963 s.

Keywords
Android security Malware detection Malicious behavior family Obfuscation Transfer learning
Published
2020-12-12
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-63095-9_14
Copyright © 2020–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL