End-To-End Android Malware Classification Based on Pure Traffic Images
- Source :
- 2020 17th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP).
- Publication Year :
- 2020
- Publisher :
- IEEE, 2020.
Abstract
- Android security accidents have frequently occurred in recent years. It has become an urgent need to propose a method for efficiently detecting and classifying Android malware. Many existing machine learning-based methods often require a lot of time for feature engineering, making it time-consuming to classify malware. To accurately and rapidly detect and classify Android malware, this paper proposes an end-to-end Android malware classification model based on traffic analysis and deep learning. The model uses traffic data generated during the Android app's runtime as input. First, the traffic data is processed by a third-party traffic removal module, based on the idea of clustering, to remove impurity traffic that is not conducive to the classification. Then the pure traffic is converted into pure traffic images, which can represent traffic characteristics. Finally, a novel convolutional neural network model named 1.5D-CNN is applied to detect and classify malware by classifying these images. The model was trained and tested on a real Android traffic dataset named CICAndMal2017, which contains the traffic data of benign apps and four types of malware, and it achieved an average accuracy of 98.5%. Compared with traditional machine learning methods, precision and recall both increased by more than 20 percentage points on average.
- Subjects :
- Feature engineering
050101 languages & linguistics
Traffic analysis
Computer science
Deep learning
05 social sciences
02 engineering and technology
Machine learning
Convolutional neural network
ComputingMethodologies_PATTERNRECOGNITION
0202 electrical engineering, electronic engineering, information engineering
Malware
020201 artificial intelligence & image processing
0501 psychology and cognitive sciences
Artificial intelligence
Android (operating system)
Cluster analysis
Precision and recall
Details
- Database :
- OpenAIRE
- Journal :
- 2020 17th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP)
- Accession number :
- edsair.doi...........08c313f2e07118653e23828adcee0f77