An Android Malware Detection Approach Using Community Structures of Weighted Function Call Graphs
With the development of code obfuscation and application repackaging technologies, an increasing number of structural information-based methods have been proposed for malware detection. Although many offer improved detection accuracy via a similarity comparison of specific graphs, they still face l...
Main Authors: | Yao Du, Junfeng Wang, Qi Li |
---|---|
Format: | Article |
Language: | English |
Published: | IEEE 2017-01-01 |
Series: | IEEE Access |
Subjects: | Malware, community structures, machine learning |
Online Access: | https://ieeexplore.ieee.org/document/7964684/ |
_version_ | 1818618885314707456 |
---|---|
author | Yao Du, Junfeng Wang, Qi Li |
author_sort | Yao Du |
collection | DOAJ |
description | With the development of code obfuscation and application repackaging technologies, an increasing number of structural information-based methods have been proposed for malware detection. Although many offer improved detection accuracy via a similarity comparison of specific graphs, they still face limitations in terms of computation time and the need for manual operation. In this paper, we present a new malware detection method that automatically divides a function call graph into community structures. The features of these community structures can then be used to detect malware. Our method reduces the computation time by improving the Girvan-Newman algorithm and using machine learning classification instead of a similarity comparison of subgraphs. To evaluate our method, 5040 malware samples and 8750 benign samples were collected as an experimental data set. The evaluation results show that the detection accuracy of our method is higher than that of three well-known anti-virus software and two previous control flow graph-based methods for many malware families. The runtime performance of our method exhibits a clear improvement over the GN algorithm for community structure generation. |
first_indexed | 2024-12-16T17:28:42Z |
format | Article |
id | doaj.art-cdfc3b2c2dae46cbad1ff39f2c735045 |
institution | Directory Open Access Journal |
issn | 2169-3536 |
language | English |
last_indexed | 2024-12-16T17:28:42Z |
publishDate | 2017-01-01 |
publisher | IEEE |
record_format | Article |
series | IEEE Access |
spelling | doaj.art-cdfc3b2c2dae46cbad1ff39f2c735045 ; 2022-12-21T22:22:59Z ; eng ; IEEE ; IEEE Access ; 2169-3536 ; 2017-01-01 ; 5 ; 17478 ; 17486 ; 10.1109/ACCESS.2017.2720160 ; 7964684 ; An Android Malware Detection Approach Using Community Structures of Weighted Function Call Graphs ; Yao Du 0 https://orcid.org/0000-0003-2914-2283 ; Junfeng Wang 1 https://orcid.org/0000-0003-1699-2270 ; Qi Li 2 ; College of Computer Science, Sichuan University, Chengdu, China ; School of Aeronautics and Astronautics and College of Computer Science, Sichuan University, Chengdu, China ; College of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China ; https://ieeexplore.ieee.org/document/7964684/ ; Malware ; community structures ; machine learning |
title | An Android Malware Detection Approach Using Community Structures of Weighted Function Call Graphs |
topic | Malware, community structures, machine learning |
url | https://ieeexplore.ieee.org/document/7964684/ |