{"title":"用于恶意软件检测的有效注意力和残留物网络","authors":"Wei Gu, Hongyan Xing, Tianhao Hou","doi":"10.1049/cmu2.12754","DOIUrl":null,"url":null,"abstract":"<p>Due to its open source and large user base, Android has emerged as the most popular operating system. Android's popularity and openness have made it a prime target for malicious attackers. Permissions have received great attention from researchers because of their effectiveness in restricting applications’ access to sensitive resources. However, existing malware detection methods based on permissions are easily bypassed by inter-application resource access. To address these issues, we combine inter-application resource access-related intent features with permission features. Besides, we designed a customized convolutional neural network using two squeeze-and-excitation blocks to learn the inherent relationships between multi-type features. The two basic SE blocks perform squeezing operations based on average pooling and max pooling, respectively, to compute channel-wise attention from multiple perspectives. We designed a series of experiments based on real-world samples to evaluate the efficacy of the proposed framework. Empirical results demonstrate that our framework outperforms state-of-the-art methods, achieving an accuracy of 96.29%, precision of 97.52%, recall of 94.63%, F1-score of 96.06% and MCC of 92.60%. These promising experimental results consistently demonstrate that AMERDroid is an effective approach for Android malware detection.</p>","PeriodicalId":55001,"journal":{"name":"IET Communications","volume":"18 9","pages":"557-568"},"PeriodicalIF":1.5000,"publicationDate":"2024-04-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cmu2.12754","citationCount":"0","resultStr":"{\"title\":\"An effective attention and residual network for malware detection\",\"authors\":\"Wei Gu, Hongyan Xing, Tianhao Hou\",\"doi\":\"10.1049/cmu2.12754\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Due to its open source and large user base, Android has emerged as the most popular operating system. Android's popularity and openness have made it a prime target for malicious attackers. Permissions have received great attention from researchers because of their effectiveness in restricting applications’ access to sensitive resources. However, existing malware detection methods based on permissions are easily bypassed by inter-application resource access. To address these issues, we combine inter-application resource access-related intent features with permission features. Besides, we designed a customized convolutional neural network using two squeeze-and-excitation blocks to learn the inherent relationships between multi-type features. The two basic SE blocks perform squeezing operations based on average pooling and max pooling, respectively, to compute channel-wise attention from multiple perspectives. We designed a series of experiments based on real-world samples to evaluate the efficacy of the proposed framework. Empirical results demonstrate that our framework outperforms state-of-the-art methods, achieving an accuracy of 96.29%, precision of 97.52%, recall of 94.63%, F1-score of 96.06% and MCC of 92.60%. These promising experimental results consistently demonstrate that AMERDroid is an effective approach for Android malware detection.</p>\",\"PeriodicalId\":55001,\"journal\":{\"name\":\"IET Communications\",\"volume\":\"18 9\",\"pages\":\"557-568\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2024-04-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cmu2.12754\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Communications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/cmu2.12754\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Communications","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cmu2.12754","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
An effective attention and residual network for malware detection
Due to its open source and large user base, Android has emerged as the most popular operating system. Android's popularity and openness have made it a prime target for malicious attackers. Permissions have received great attention from researchers because of their effectiveness in restricting applications’ access to sensitive resources. However, existing malware detection methods based on permissions are easily bypassed by inter-application resource access. To address these issues, we combine inter-application resource access-related intent features with permission features. Besides, we designed a customized convolutional neural network using two squeeze-and-excitation blocks to learn the inherent relationships between multi-type features. The two basic SE blocks perform squeezing operations based on average pooling and max pooling, respectively, to compute channel-wise attention from multiple perspectives. We designed a series of experiments based on real-world samples to evaluate the efficacy of the proposed framework. Empirical results demonstrate that our framework outperforms state-of-the-art methods, achieving an accuracy of 96.29%, precision of 97.52%, recall of 94.63%, F1-score of 96.06% and MCC of 92.60%. These promising experimental results consistently demonstrate that AMERDroid is an effective approach for Android malware detection.
期刊介绍:
IET Communications covers the fundamental and generic research for a better understanding of communication technologies to harness the signals for better performing communication systems using various wired and/or wireless media. This Journal is particularly interested in research papers reporting novel solutions to the dominating problems of noise, interference, timing and errors for reduction systems deficiencies such as wasting scarce resources such as spectra, energy and bandwidth.
Topics include, but are not limited to:
Coding and Communication Theory;
Modulation and Signal Design;
Wired, Wireless and Optical Communication;
Communication System
Special Issues. Current Call for Papers:
Cognitive and AI-enabled Wireless and Mobile - https://digital-library.theiet.org/files/IET_COM_CFP_CAWM.pdf
UAV-Enabled Mobile Edge Computing - https://digital-library.theiet.org/files/IET_COM_CFP_UAV.pdf