loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Francesco Mercaldo 1 ; 2 ; Fabio Martinelli 2 and Antonella Santone 1

Affiliations: 1 University of Molise, Campobasso, Italy ; 2 Istituto di Informatica e Telematica, Consiglio Nazionale delle Ricerche, Pisa, Italy

Keyword(s): Malware, Security, Deep Learning, Explainability, Android, Testing.

Abstract: Mobile devices, in particular the ones powered by the Android operating system, are constantly subjected to attacks from malicious writers, continuously involved in the development of aggressive malicious payload aimed to extract sensitive and private data from our smartphones and mobile devices. From the defensive point of view, the signature-based approach implemented in current antimalware has largely demonstrated its inefficacy in fighting novel malicious payloads but also old ones, when attackers apply (even simple) obfuscation techniques. In this paper, a method aimed to detect malware attacking mobile platforms is proposed. We exploit dynamic analysis and deep learning: in particular, we design the representation of an application as an image directly generated from the system call trace. This representation is then exploited as input for a deep learning network aimed to discern between malicious or trusted applications. Furthermore, we provide a kind of explainability behind the deep learning model prediction, by highlighting into the image obtained from the application under analysis the areas symptomatic of a certain prediction. An experimental analysis with more than 6000 (malicious and legitimate) Android real-world applications is proposed, by reaching a precision of 0.715 and a recall equal to 0.837, showing the effectiveness of the proposed method. Moreover, examples of visual explainability are discussed with the aim to show how the proposed method can be useful for security analysts to better understand the application malicious behaviour. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 44.220.251.236

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Mercaldo, F.; Martinelli, F. and Santone, A. (2023). An Explainable Convolutional Neural Network for Dynamic Android Malware Detection. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-624-8; ISSN 2184-4356, SciTePress, pages 305-312. DOI: 10.5220/0011609800003405

@conference{icissp23,
author={Francesco Mercaldo. and Fabio Martinelli. and Antonella Santone.},
title={An Explainable Convolutional Neural Network for Dynamic Android Malware Detection},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP},
year={2023},
pages={305-312},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011609800003405},
isbn={978-989-758-624-8},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP
TI - An Explainable Convolutional Neural Network for Dynamic Android Malware Detection
SN - 978-989-758-624-8
IS - 2184-4356
AU - Mercaldo, F.
AU - Martinelli, F.
AU - Santone, A.
PY - 2023
SP - 305
EP - 312
DO - 10.5220/0011609800003405
PB - SciTePress