Intelligent Malware Detection Based on Hybrid Learning of API and ACG on Android

Kichang Kim, Eunbyeol Ko, Jinsung Kim, and Jeong Hyun Yi+

School of Software, Soongsil University, Seoul, 06978, Republic of Korea
{kckim7008, kongstar159, okokabv}@soongsil.ac.kr, jhyi@ssu.ac.kr

Abstract

Mobile devices will continue to be central in providing personalized services in the hyper-connected era following the introduction of 5G network services. If a mobile device is exposed to malware, there is a risk of the malware spreading in an instant to all the devices it is connected to. For example, malware can move from mobile devices to autonomous vehicles that share data through various sensors and that are capable of hyper-connection with a server or other device on a 5G network. It is thus becoming more important to preemptively anticipate the behavior of mobile malware using machine learning techniques based on pre-learned datasets. In this paper, we propose a scheme to identify malicious code by extracting the APIs used in Android apps and hybridizing machine learning techniques based not only on APIs but also on the API Call Graph (ACG). The proposed scheme aims to reduce the false positives of existing approaches that use only APIs and to improve on the performance problems of ACG approaches that use excessive features. In addition, we evaluate the performance of the proposed scheme by comparing and analyzing its experimental results against those of the existing schemes on third-party malicious code samples.

Keywords: Malware Detection, Machine Learning, API, API Call Graph

+: Corresponding author: Jeong Hyun Yi, School of Software, Soongsil University, Seoul, Korea, 06978, Tel: +82-2-820-0914

Journal of Internet Services and Information Security (JISIS), 9(4): 39-48, November 2019
DOI: 10.22667/JISIS.2019.11.30.039