TY - JOUR
T1 - Deep and broad URL feature mining for android malware detection
AU - Wang, Shanshan
AU - Chen, Zhenxiang
AU - Yan, Qiben
AU - Ji, Ke
AU - Peng, Lizhi
AU - Yang, Bo
AU - Conti, Mauro
PY - 2020/3
Y1 - 2020/3
N2 - In recent years, the scale and diversity of malicious software on mobile networks have grown significantly, thereby causing considerable danger to users’ property and personal privacy. In this study, we propose a malware detection method that uses the URLs visited by apps to identify malware. A multi-view neural network is used to create a malware detection model that emphasizes depth and width. This neural network can create multiple views of inputs automatically and distribute soft attention weights to focus on different features of inputs. Multiple views preserve rich semantic information from inputs for classification without requiring complicated feature engineering. In addition, we conduct comprehensive experiments to compare the proposed method with others and verify the validity of the detection model. The experimental results show that our method achieves robust and timely malware detection. It can not only effectively detect malware discovered in different months of a certain year, but also detect potentially malicious apps in the third-party app market. We also compare the detection results of the proposed method on wild apps with 10 popular anti-virus scanners, and the final result shows that our approach ranks second in terms of detection performance.
AB - In recent years, the scale and diversity of malicious software on mobile networks have grown significantly, thereby causing considerable danger to users’ property and personal privacy. In this study, we propose a malware detection method that uses the URLs visited by apps to identify malware. A multi-view neural network is used to create a malware detection model that emphasizes depth and width. This neural network can create multiple views of inputs automatically and distribute soft attention weights to focus on different features of inputs. Multiple views preserve rich semantic information from inputs for classification without requiring complicated feature engineering. In addition, we conduct comprehensive experiments to compare the proposed method with others and verify the validity of the detection model. The experimental results show that our method achieves robust and timely malware detection. It can not only effectively detect malware discovered in different months of a certain year, but also detect potentially malicious apps in the third-party app market. We also compare the detection results of the proposed method on wild apps with 10 popular anti-virus scanners, and the final result shows that our approach ranks second in terms of detection performance.
KW - Android malware detection
KW - Multi-view neural network
KW - URL feature mining
UR - http://www.scopus.com/inward/record.url?scp=85076042518&partnerID=8YFLogxK
U2 - 10.1016/j.ins.2019.11.008
DO - 10.1016/j.ins.2019.11.008
M3 - Article
AN - SCOPUS:85076042518
SN - 0020-0255
VL - 513
SP - 600
EP - 613
JO - Information Sciences
JF - Information Sciences
ER -