Fast, automatic and scalable learning to detect android malware

Mahmood Yousefi-Azar*, Len Hamey, Vijay Varadharajan, Mark D. McDonnell

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

4 Citations (Scopus)

Abstract

We propose a novel scheme for Android malware detection. The scheme has two extremely fast phases. First term-frequency simhashing (tf-simhashing) extracts a fixed sized vector for each binary file. The hashing algorithm embeds the frequency of n-grams of bytes into the output vector which can be reshaped into an image representation. In the second phase, we propose a convolutional extreme learning machine (CELM) learns to distinguish between hashes of malicious and clean files as a two class classification task. This scalable scheme is extremely fast in both learning and predicting. The results show that tf-simhashing in an image-shape representation together with CELM provides better performance than three non-parametric models and one state-of-the-art parametric model.

Original languageEnglish
Title of host publicationNeural Information Processing
Subtitle of host publication24th International Conference, ICONIP 2017, Guangzhou, China, November 14–18, 2017. Proceedings, Part V
EditorsDerong Liu, Shengli Xie, Yuanqing Li, Dongbin Zhao, El-Sayed M. El-Alfy
PublisherSpringer, Springer Nature
Pages848-857
Number of pages10
ISBN (Electronic)9783319701394
ISBN (Print)9783319701387
DOIs
Publication statusPublished - 2017
Event24th International Conference on Neural Information Processing, ICONIP 2017 - Guangzhou, China
Duration: 14 Nov 201718 Nov 2017

Publication series

NameLecture Notes in Computer Science
Volume10638
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference24th International Conference on Neural Information Processing, ICONIP 2017
CountryChina
CityGuangzhou
Period14/11/1718/11/17

    Fingerprint

Keywords

  • Android malware detection
  • Convolutional extreme learning machine
  • Static analysis
  • Term-frequency simhashing

Cite this

Yousefi-Azar, M., Hamey, L., Varadharajan, V., & McDonnell, M. D. (2017). Fast, automatic and scalable learning to detect android malware. In D. Liu, S. Xie, Y. Li, D. Zhao, & E-S. M. El-Alfy (Eds.), Neural Information Processing: 24th International Conference, ICONIP 2017, Guangzhou, China, November 14–18, 2017. Proceedings, Part V (pp. 848-857). (Lecture Notes in Computer Science; Vol. 10638). Springer, Springer Nature. https://doi.org/10.1007/978-3-319-70139-4_86