An image-inspired and CNN-based Android malware detection approach

Abstract

Until 2017, Android smartphones occupied approximately 87% of the smartphone market. The vast market also promotes the development of Android malware. Nowadays, the number of malware targeting Android devices found daily is more than 38,000. With the rapid progress of mobile application programming and anti-reverse-engineering techniques, it is harder to detect all kinds of malware. To address challenges in existing detection techniques, such as data obfuscation and limited codes coverage, we propose a detection approach that directly learns features of malware from Dalvik bytecode based on deep learning technique (CNN). The average detection time of our model is 0.22 seconds, which is much lower than other existing detection approaches. In the meantime, the overall accuracy of our model achieves over 93%.