Malware attack is a growing problem on the Android mobile platform due to its popularity and openness. Although numerous malware detection approaches have been proposed, it still remains challenging for malware detection due to a large amount of constantly mutating apps. The opcode, as the most fundamental part of Android app, possesses good resistance against obfuscation and Android version updates. Due to the large number of opcodes, most opcode-based methods employ statistical-based feature selection, which disrupts the correlation and semantic information among opcodes. In this paper, we propose an Android malware detection framework based on sensitive opcodes and deep reinforcement learning. Firstly, we extract sensitive opcode fragments based on sensitive elements and then encode the features using n-gram. Next, we use deep reinforcement learning to select the optimal subset of features. During the process of handling opcodes, we focus on preserving semantic information and the correlation among opcodes. Finally, our experimental results show an accuracy of 0.9670 by using the 25 opcode features we obtained.
JungJ., KimH., ShinD., LeeM., LeeH., ChoS.-J., SuhK. Android malware detection based on useful api calls and machine learning, in 2018 IEEE First International Conference on Artificial Intelligence and Knowledge Engineering (AIKE), pp. 175–178, IEEE, 2018.
2.
Zarni AungW.Z., Permission-based android malware detection, International Journal of Scientific & Technology Research2(3) (2013), 228–234.
3.
VermaS. and MuttooS., An android malware detection framework-basedon permissions and intents, Defence Science Journal66(6) (2016).
4.
EnckW., GilbertP., HanS., TendulkarV., ChunB.-G., CoxL.P., JungJ., McDanielP. and ShethA.N., Taintdroid: an information-flowtracking system for realtime privacy monitoring on smartphones, ACM Transactions on Computer Systems (TOCS)32(2) (2014), 1–29.
5.
WangS., YanQ., ChenZ., YangB., ZhaoC. and ContiM., Detectingandroid malware leveraging text semantics of network flows, IEEE Transactions on Information Forensics and Security13(5) (2017), 1096–1109.
6.
BhatiaT., KaushalR. Malware detection in android based on dynamic analysis, in 2017 International Conference on Cyber Security And Protection of Digital Services (Cyber Security), pp. 1–6, IEEE, 2017.
7.
PoudyalS., DasguptaD., AkhtarZ., GuptaK. A multilevel ransomware detection framework using natural language processing and machine learning, in 14th International Conference on Malicious and Unwanted Software, MALCON, no. October 2015, 2019.
8.
SihagV., MitharwalA., VardhanM., SinghP. Opcodengram based malware classification in android, in 2020 FourthWorld Conference on Smart Trends in Systems, Security and Sustainability(WorldS4), pp. 645–650, IEEE, 2020.
9.
ShuL., DongS., SuH., HuangJ. Android malware detection methods based on convolutional neural network: A survey, IEEE Transactions on Emerging Topics in Computational Intelligence, 2023.
10.
NaeemH., ChengX., UllahF., JabbarS. and DongS., A deepconvolutional neural network stacked ensemble for malware threatclassification in internet of things, Journal of Circuits,Systems and Computers31(17) (2022), 2250302.
11.
AmerE. and El-SappaghS., Robust deep learning early alarmprediction model based on the behavioural smell for android malware, Computers & Security116 (2022), 102670.
12.
LiJ., SunL., YanQ., LiZ., Srisa-AnW. and YeH., Significantpermission identification for machine-learning-based android malwaredetection, IEEE Transactions on Industrial Informatics14(7) (2018), 3216–3225.
13.
SahinD.Ö., KuralO.E., AkleylekS., KílíçE. A novel android malware detection system: adaption of filter-based feature selection methods, Journal of Ambient Intelligence and Humanized Computing, pp. 1–15, 2021.
14.
KangB., YerimaS.Y., McLaughlinK., SezerS. Nopcode analysis for android malware classification and categorization, in 2016 International conference on cyber security and protection of digital services (cyber security), pp. 1–7, IEEE, 2016.
15.
NiuW., CaoR., ZhangX., DingK., ZhangK. and LiT., Opcode-levelfunction call graph based android malware classification using deeplearning, Sensors20(13) (2020), 3645.
16.
ZhangJ., QinZ., ZhangK., YinH. and ZouJ., Dalvik opcode graphbased android malware variants detection using global topologyfeatures, IEEE Access6 (2018), 51964–51974.
17.
PektasA. and AcarmanT., Learning to detect android malware viaopcode sequences, Neurocomputing396 (2020), 599–608.
18.
LiD., ZhaoL., ChengQ., LuN. and ShiW., Opcode sequence analysisof android malware by a convolutional neural network, Concurrency and Computation: Practice and Experience32(18) (2020), e5308.
19.
BabaagbaK.O., AdesanyaS.O. A study on the effect of feature selection on malware analysis using machine learning, in Proceedings of the 2019 8th international conference on educational and information technology, 2019, pp. 51–55.
20.
VisalakshiP., et al. Detecting android malware using an improvedfilter based technique in embedded software, Microprocessorsand Microsystems76 (2020), 103115.
21.
FatimaA., MauryaR., DuttaM.K., BurgetR., MasekJ. Android malware detection using genetic algorithm based optimized feature selection and machine learning, in 2019 42nd International conference on telecommunications and signal processing (TSP), pp. 220–223, IEEE, 2019.
22.
YangJ., ZhangZ., ZhangH. and FanJ., Android malware detectionmethod based on highly distinguishable static features and densenet, Plos One17(11) (2022), e0276332.
23.
BaiY., ChenS., XingZ. and LiX., Argusdroid: detecting androidmalware variants by mining permission-api knowledge graph, Science China Information Sciences66(9) (2023), 1–19.
24.
ArpD., SpreitzenbarthM., HubnerM., GasconH. and RieckK., Drebin: Effective and explainable detection of android malware in your pocket, in Ndss14 (2014), 23–26.
25.
AllixK., BissyandéT.F., KleinJ., Le TraonY. Androzoo: Collecting millions of android apps for the research community, in 2016 IEEE/ACM 13th Working Conference on Mining Software Repositories (MSR), pp. 468–471, IEEE, 2016.
