Horacio Rodriguez-Bazan, Grigori Sidorov, P. J. Escamilla-Ambrosio
Journal: Machine learning and knowledge extraction (Journal Article; JCR Q2, Computer Science, Artificial Intelligence; impact factor 4.0)
Published: 2023-11-28
DOI: https://doi.org/10.3390/make5040088
Citations: 0
Android Malware Classification Based on Fuzzy Hashing Visualization
The proliferation of Android-based devices has brought about an unprecedented surge in mobile application usage, making the Android ecosystem a prime target for cybercriminals. In this paper, a new method for Android malware classification is proposed. The method implements a convolutional neural network for malware classification using images. The research presents a novel approach to transforming the Android Application Package (APK) into a grayscale image. The image creation utilizes natural language processing techniques for text cleaning, extraction, and fuzzy hashing to represent the decompiled code from the APK in a set of hashes after preprocessing, where the image is composed of n fuzzy hashes that represent an APK. The method was tested on an Android malware dataset with 15,493 samples of five malware types. The proposed method showed an increase in accuracy compared to others in the literature, achieving up to 98.24% in the classification task.