Volume 9 - Issue 4
Intelligent Malware Detection Based on Hybrid Learning of API and ACG on Android
- Kichang Kim
School of Software, Soongsil University, Seoul, 06978, Republic of Korea
kckim7008@soongsil.ac.kr
- Eunbyeol Ko
School of Software, Soongsil University, Seoul, 06978, Republic of Korea
kongstar159@soongsil.ac.kr
- Jinsung Kim
School of Software, Soongsil University, Seoul, 06978, Republic of Korea
okokabv@soongsil.ac.kr
- Jeong Hyun Yi
School of Software, Soongsil University, Seoul, 06978, Republic of Korea
jhyi@ssu.ac.kr
Keywords: Malware Detection, Machine Learning, API, API Call Graph
Abstract
Mobile devices will continue to be central in providing personalized services in the hyper-connected
era following the introduction of 5G network services. If a mobile device is exposed to malware,
there is a risk of the malware spreading in an instant to all the devices it is connected to. For example,
malware can spread from mobile devices to autonomous vehicles that share data through various sensors
and that are capable of hyper-connection with a server or other device on a 5G network. It is thus
becoming more important to preemptively anticipate the behavior of mobile malware using machine
learning techniques based on pre-learned datasets. In this paper, we propose a scheme that identifies malicious
code by extracting the APIs used in Android apps and applying hybrid machine learning
based not only on APIs but also on the API call graph (ACG). The proposed scheme aims to reduce the false positives of existing
approaches that use only APIs and to alleviate the performance problems of ACG approaches that use excessive
features. In addition, we evaluate the performance of the proposed scheme by comparing
and analyzing its experimental results against those of existing schemes on third-party
malicious code samples.