CFP last date
22 April 2024
Reseach Article

A Generative Adversarial Approach for Malware Detection: Android Case Study

by Prashant Kaushik
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 186 - Number 7
Year of Publication: 2024
Authors: Prashant Kaushik
10.5120/ijca2024923412

Prashant Kaushik . A Generative Adversarial Approach for Malware Detection: Android Case Study. International Journal of Computer Applications. 186, 7 ( Feb 2024), 43-46. DOI=10.5120/ijca2024923412

@article{ 10.5120/ijca2024923412,
author = { Prashant Kaushik },
title = { A Generative Adversarial Approach for Malware Detection: Android Case Study },
journal = { International Journal of Computer Applications },
issue_date = { Feb 2024 },
volume = { 186 },
number = { 7 },
month = { Feb },
year = { 2024 },
issn = { 0975-8887 },
pages = { 43-46 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume186/number7/a-generative-adversarial-approach-for-malware-detection-android-case-study/ },
doi = { 10.5120/ijca2024923412 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-22T22:17:52.864794+05:30
%A Prashant Kaushik
%T A Generative Adversarial Approach for Malware Detection: Android Case Study
%J International Journal of Computer Applications
%@ 0975-8887
%V 186
%N 7
%P 43-46
%D 2024
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Identifying infected Android apps relies on extracting key features from apps, both statically and dynamically. Static feature analysis offers a comprehensive view by examining all source code, including bytecode, C++ code, and permission-containing manifest files. Dynamic analysis complements this by observing app behavior in action, such as disk access, system calls, and network activity. Challenges arise when apps update, as feature sets evolve, potentially hindering classification accuracy. To address this, researchers developed a tool combining a GAN (Generative Adversarial Network) and automation to continuously gather and update feature sets for training. The GAN generates similar samples to enhance training and classification capabilities. The proposed classification cascaded with GAN model named TC-GAN, categorizes apps into three classes: malicious, benign, and inconclusive ("can't say"). Using TensorFlow Lite, the model achieved over 82% accuracy on a dataset of 12,000 apps and their variations, with 15 extracted and 10 GAN-generated features.

References
  1. “Kaspersky Lab Reporting: Mobile Malware Has Grown Almost 3-fold in Q2, and Cyberespionage Attacks Target SMB Companies.” www.kaspersky.com, 18 May 2023,
  2. Funk, Christian. “Kaspersky Security Bulletin 2013. Overall Statistics for 2013.” Securelist, 18 May 2021, securelist.com/kaspersky-security-bulletin-2013-overall-statistics-for-2013/58265.
  3. Y. Zhou, Z. Wang, W. Zhou, and X. Jiang and P. Ning, Detecting malicious apps in o cial and alternative Android markets, Proceedings of the second ACM conference on Data and Application Security and Privacy,2012
  4. M. Spreitzenbarth, T. Schreck, F. Echtler, D. Arp and J. Ho mann, Mobile- Sandbox: combining static and dynamic analysis with machine-learning tech- niques, International Journal of Information Security,14(2):141–153,2014
  5. Kiran Khatter, Sapna Malik: “AndroData: A Tool for Static & Dynamic Feature Extraction of Android Apps” in International Journal of Applied Engineering, Jan 2015.
  6. A. P. Fuchs, A. Chaudhuri, and J. S. Foster, “SCanDroid: Automated Security Certification of Android Applications,” Technical report, University of Maryland, 2009.
  7. Y. Feng, S. Anand, I. Dillig and A. Aiken, Apposcopy: semantics-based detection of Android malware through static analysis,Proceedings of the 22nd ACM SIG- SOFT International Symposium on Foundations of Software Engineering,576– 587,2014
  8. W. Enck, P. Gilbert, S. Han, V. Tendulkar, B. Chun, L. P. Cox, J. Jung, P. Mc- Daniel and A. N. Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones,ACM Transactions on Computer Systems, 32(2):1–29, 2014
  9. V. M. Afonso, M. F. de Amorim, A. R. A. Gregio, G. B. Junquera and P. L. de Geus, Identifying Android malware using dynamically obtained features,Journal of Computer Virology and Hacking Techniques, 11(1):9–17, 2015
  10. J. Abah, O. Waziri,M. Abdullahi, U. Arthur and O. Adewale, A machine learn- ing approach to anomaly-based detection on Android platforms, International Journal of Network Security and Its Applications, 7(6):15–35,2015
  11. H. Kang, J.-W. Jang, A. Mohaisen, and H. K. Kim, “Detecting and classifying android malware using static analysis along with creator information,” International Journal of Distributed Sensor Networks, vol. 11, no. 6, Article ID 479174, 2015.
  12. https://github.com/prashant343/APKinfectDetect/blob/master/APKdata.c
  13. Tensorflow. “GitHub - Tensorflow/Tensorflow: An Open Source Machine Learning Framework for Everyone.” GitHub, github.com/tensorflow/tensorflow.
  14. Skylot. “GitHub - Skylot/Jadx: Dex to Java Decompiler.” GitHub, github.com/skylot/jadx.
Index Terms

Computer Science
Information Sciences
Generative networks
deep learning.

Keywords

GAN TC-GAN malware applications infected applications deep learning feature vector generation malicious APK