Skip to main content
Springer Nature Link
Log in

Bytecode-Based Android Malware Detection Applying Convolutional Neural Networks

  • Conference paper
  • First Online:
International Joint Conference 16th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2023) 14th International Conference on EUropean Transnational Education (ICEUTE 2023) (CISIS 2023, ICEUTE 2023)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 748))

  • 357 Accesses

Abstract

Over the past decade, mobile devices have become an integral part of our daily lives. These devices rely on applications to deliver a diverse range of services and functionalities to users, such as social networks or online shopping apps. The usage of these applications has led to the emergence of novel security risks, facilitating the rapid proliferation of malicious apps. To deal with the increasing numbers of Android malware in the wild, deep learning models have emerged as promising detection systems. In this paper, we propose an Android malware detection system using Convolutional Neural Networks (CNN). To accomplish this objective, we trained three distinct models (VGG16, RESNET50, and InceptionV3) on the image representation of the Dalvik executable format. Our assessment, conducted on a dataset of more than 13000 samples, showed that all three models performed up to 99% of the detection of malicious Android applications. Finally, we discuss the potential benefits of employing this type of solution for detecting Android malware.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Arp, D., Spreitzenbarth, M., Hübner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket. In: Proceedings 2014 Network and Distributed System Security Symposium. Internet Society (2014). https://doi.org/10.14722/ndss.2014.23247

  2. Aung, Z., Zaw, W.T.: Permission-based android malware detection. Int. J. Sci. Technol. Res. 2, 228–234 (2013)

    Google Scholar 

  3. Chanajitt, R., Viriyasitavat, W., Choo, K.K.R.: Forensic analysis and security assessment of android m-banking apps. Aust. J. Forensic Sci. 50(1), 3–19 (2018). https://doi.org/10.1080/00450618.2016.1182589

    Article  Google Scholar 

  4. Chen, J., Wang, C., Zhao, Z., Chen, K., Du, R., Ahn, G.J.: Uncovering the face of android ransomware: characterization and real-time detection. IEEE Trans. Inf. Forensics Secur. (2018). https://doi.org/10.1109/TIFS.2017.2787905

  5. Damodaran, A., Troia, F.D., Visaggio, C.A., Austin, T.H., Stamp, M.: A comparison of static, dynamic, and hybrid analysis for malware detection. J. Comput. Virol. Hacking Tech. 13(1), 1–12 (2017). https://doi.org/10.1007/s11416-015-0261-z

    Article  Google Scholar 

  6. Erturk, E.: A case study in open source software security and privacy: android adware. In: World Congress on Internet Security (WorldCIS-2012) (2012)

    Google Scholar 

  7. Hashemi, M.: Enlarging smaller images before inputting into convolutional neural network: zero-padding vs. interpolation. J. Big Data 6(1), 98 (2019). https://doi.org/10.1186/s40537-019-0263-7

  8. Hegedus, J., Miche, Y., Ilin, A., Lendasse, A.: Methodology for behavioral-based malware analysis and detection using random projections and k-nearest neighbors classifiers. In: 2011 Seventh International Conference on Computational Intelligence and Security, pp. 1016–1023 (2011). https://doi.org/10.1109/CIS.2011.227

  9. Iadarola, G., Martinelli, F., Mercaldo, F., Santone, A.: Formal methods for android banking malware analysis and detection. In: 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), pp. 331–336 (2019). https://doi.org/10.1109/IOTSMS48152.2019.8939172

  10. Jeong, Y.s., Lee, H.t., Cho, S.j., Han, S., Park, M.: A kernel-based monitoring approach for analyzing malicious behavior on android. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, pp. 1737–1738. Association for Computing Machinery, New York, NY, USA (2014). https://doi.org/10.1145/2554850.2559915

  11. Khariwal, K., Singh, J., Arora, A.: Ipdroid: android malware detection using intents and permissions. In: 2020 4th Conference on Smart Trends in System Security and Sustainability (WorldS4), pp. 197–202 (2020). https://doi.org/10.1109/WorldS450073.2020.9210414

  12. Mahdavifar, S., Abdul Kadir, A.F., Fatemi, R., Alhadidi, D., Ghorbani, A.A.: Dynamic android malware category classification using semi-supervised deep learning. In: 2020 IEEE International Conference on Cyber Science and Technology Congress (CyberSciTech) (2020). https://doi.org/10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00094

  13. Martinelli, F., Mercaldo, F., Nardone, V., Santone, A.: Twinkle twinkle little droiddream, how i wonder what you are? In: 2017 IEEE Workshop on Metrology for AeroSpace (MetroAeroSpace) (2017). https://doi.org/10.1109/MetroAeroSpace.2017.7999579

  14. Or-Meir, O., Nissim, N., Elovici, Y., Rokach, L.: Dynamic malware analysis in the modern era-a state of the art survey. ACM (2019). https://doi.org/10.1145/3329786

    Article  Google Scholar 

  15. Saad, M.H., Serageldin, A., Salama, G.I.: Android spyware disease and medication. In: 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), pp. 118–125 (2015). https://doi.org/10.1109/InfoSec.2015.7435516

  16. Santos, I., Brezo, F., Nieves, J., Penya, Y.K., Sanz, B., Laorden, C., Bringas, P.G.: Idea: Opcode-Sequence-Based Malware Detection. In: Massacci, F., Wallach, D., Zannone, N. (eds.) ESSoS 2010. LNCS, vol. 5965, pp. 35–43. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11747-3_3

    Chapter  Google Scholar 

  17. Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X., Bringas, P.G., Álvarez, G.: PUMA: permission usage to detect malware in android. In: International Joint Conference CISIS’12-ICEUTE’12-SOCO’12 Special Sessions, pp. 289–298. Springer, Berlin, Heidelberg (2013). https://doi.org/10.1007/978-3-642-33018-6_30

  18. Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: Andromaly: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012). https://doi.org/10.1007/s10844-010-0148-x

  19. Sharma, A., Dash, S.K.: Mining API calls and permissions for android malware detection. In: Gritzalis, D., Kiayias, A., Askoxylakis, I. (eds.) Cryptology and Network Security, pp. 191–205. Springer International Publishing, Cham (2014). https://doi.org/10.1007/978-3-319-12280-9_13

    Chapter  Google Scholar 

  20. Statista: global mobile OS market share 2023 (2023). https://www.statista.com/statistics/272698/global-market-share-held-by-mobile-operating-systems-since-2009/

  21. Su, X., Chuah, M., Tan, G.: Smartphone dual defense protection framework: detecting malicious applications in android markets. In: 2012 8th International Conference on Mobile Ad-hoc and Sensor Networks (MSN) (2012). https://doi.org/10.1109/MSN.2012.43

  22. Vidyarthi, D., Kumar, C., Rakshit, S., Chansarkar, S.: Static malware analysis to identify ransomware properties. Int. J. Comput. Sci. Issues 16(3), 10–17 (2019). https://doi.org/10.5281/zenodo.3252963

    Article  Google Scholar 

  23. Wu, D.J., Mao, C.H., Wei, T.E., Lee, H.M., Wu, K.P.: DroidMat: android malware detection through manifest and API calls tracing. In: 2012 Seventh Asia Joint Conference on Information Security, pp. 62–69 (2012)

    Google Scholar 

  24. Yerima, S.Y., Sezer, S., McWilliams, G., Muttik, I.: A new android malware detection approach using Bayesian classification. In: 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), pp. 121–128 (2013). https://doi.org/10.1109/AINA.2013.88

Download references

Author information

Authors and Affiliations

  1. University of Deusto, Bilbao, Spain

    Alberto Miranda-Garcia, Iker Pastor-López, Borja Sanz Urquijo, José Gaviria de la Puerta & Pablo García Bringas

Authors
  1. Alberto Miranda-Garcia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Iker Pastor-López
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Borja Sanz Urquijo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. José Gaviria de la Puerta
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Pablo García Bringas
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alberto Miranda-Garcia .

Editor information

Editors and Affiliations

  1. Faculty of Engineering, University of Deusto, Bilbao, Spain

    Pablo García Bringas

  2. School of Industrial, Computer and Aerospace Engineering, University of Leon, León, Spain

    Hilde Pérez García

  3. Department of Mechanical Engineering, University of La Rioja, Logroño, Spain

    Francisco Javier Martínez de Pisón

  4. Data Science and Big Data Lab, Pablo de Olavide University, Seville, Spain

    Francisco Martínez Álvarez

  5. Data Science and Big Data Lab, Pablo de Olavide University, Seville, Spain

    Alicia Troncoso Lora

  6. Applied Computational Intelligence, University of Burgos, Burgos, Burgos, Spain

    Álvaro Herrero

  7. Department of Industrial Engineering, University of A Coruña, A Coruña, Spain

    José Luis Calvo Rolle

  8. Department of Industrial Engineering, University of A Coruña, A Coruña, Spain

    Héctor Quintián

  9. Faculty of Science, University of Salamanca, Salamanca, Spain

    Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Miranda-Garcia, A., Pastor-López, I., Urquijo, B.S., de la Puerta, J.G., Bringas, P.G. (2023). Bytecode-Based Android Malware Detection Applying Convolutional Neural Networks. In: García Bringas, P., et al. International Joint Conference 16th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2023) 14th International Conference on EUropean Transnational Education (ICEUTE 2023). CISIS ICEUTE 2023 2023. Lecture Notes in Networks and Systems, vol 748. Springer, Cham. https://doi.org/10.1007/978-3-031-42519-6_11

Download citation

Publish with us

Policies and ethics