MUDROID: Android malware detection and classification based on permission and behavior for autonomous vehicles

by Binhui TangHai DaBochang WangJunfeng Wang

With the growing popularity of autonomous vehicles, ensuring their safety has become a significant concern. Vehicle manufacturers have incorporated the Android operating system to enhance user convenience. However, the Android operating system’s diversity and vulnerability may significantly impact autonomous vehicles because these natures lead to a critical threat in autonomous vehicle security: Android malware. The complex nature of multi‐data sources fusion in autonomous driving systems has resulted in low detection efficiency and accuracy for Android malware. Given the security requirements for autonomous‐driving systems, this article presents an Android malware classification method centered around the multifeature fusion and deep learning architecture designed to detect and classify Android malware within autonomous‐driving systems. The proposed MUDROID framework relies on the Android permission mechanism and behavioral feature to formulate a malware classification model. Comprising four essential components—feature extraction, representation, multifeature fusion, and classifier training, MUDROID leverages the advantages of CNN and GCN combination model and is adept at extracting and interpreting multidimensional features, consequently constructing a multifeature fusion classifier to amplify the efficiency and accuracy of Android malware detection and classification. The experiment results support MUDROID’s superior classification performance, with an impressive Android malware detection accuracy rate of 98.69% and family classification (95.42%). The proposed method can detect and classify Android malware effectively, thus elevating the security and robustness of the self‐driving system. Additionally, the approach in this article also addresses feature representation issues in detecting malware variants, facilitating the recognition of Android malware variants across diverse platforms.

AMD‐CNN: Android malware detection via feature graph and convolutional neural networks

by R. ArslanMurat Tasyurek

Android malware has become a serious threat to mobile device users, and effective detection and defence architectures are needed to solve this problem. Recently, machine learning techniques have been widely used to deal with Android malicious apps. These methods are based on a simple feature set and have difficulty detecting up‐to‐date malware. Therefore, more robust and efficient classification methodologies are needed. In this article, AMD‐CNN, an Android malware detection tool, is proposed, and it uses graphical representations to detect malicious apks. In the first step, the features related to the androidmanifest.xml file are extracted and converted into a vector consisting of one or zero. The feature vector is then converted to 2D‐code images and used in training the CNN network. The model needs low‐resource consumption to run on mobile devices and allow real‐time applications to be analyzed. The experiments with 1920 malicious and benign apks show that the malware detection rate (accuracy) was 96.2% and precision, recall, and F‐score values were 97.9%, 98.2%, and 98.1%, respectively. The average time and memory space to analyze each application are 0.035 s and 3.38 MB. AMD‐CNN is an efficient and robust tool and has advantages over previous studies.

Posts

Program Studi Informatika

Informasi Tentang