Using convolutional neural network for Android malware detection

Using convolutional neural network for Android malware detection

Isil Karabey Aksakalli
Erzurum Technical University, Faculty of Engineering and Architecture, Department of Computer Engineering, ERZURUM
COMPUTER MODELLING & NEW TECHNOLOGIES 2019 23(1) 29-35

With the increasing usage of smart mobile devices, the number of applications developed for these devices is already increasing day by day. Nearly all functionalities (sending e-mails, searching the internet, messaging via internet, making bank account transactions etc.) performed by using computer are carried out on mobile devices anymore. However, misuse of personal information emerges through malicious applications in the devices and these applications render the devices unusable. In the literature and industry, new methodologies have been proposed for mobile malware detection; however, there is still a research challenge to identify malwares on mobile applications and take precautions. In this paper, a permission-based model is implemented to detection of malware applications in mobile devices which have Android operating system. Permission-based features have been extracted from the apk files in the AndroTracker1 data set which is previously created in the literature. The results of classification techniques have been evaluated by applying four types of machine learning techniques (Support Vector Machine, k-Nearest Neighbor, Back Propagation) and these techniques have been compared with Convolutional Neural Network. The experimental results show that the permission-based model is highly successful using both machine learning technique and deep learning in the AndroTracker data set. Back Propagation gives the best result among the other machine learning techniques by 96.1% acurracy rate. Also Convolutional Neural Network has achieved success rate of 96.71%. This demonstrates that the accuracy rates of CNN and classical machine learning techniques close to each other and they have high accuracy rate because of small number of targets which are benign and malware.