Android Malware Detection Based on Novel Representations of Apps

Tiezhu Sun, Nadia Daoudi, Kevin Allix, Jordan Samhi, Kisub Kim, Xin Zhou, Abdoul Kader Kabore, Dongsun Kim, David Lo, Tegawendé François Bissyandé, Jacques Klein

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

In the past decade, advancements in computer vision (CV) and natural language processing (NLP) have been driven significantly by deep representation learning. This progress has made image and text representation learning appealing for applications in fields like malware detection, where deep learning methods can overcome the limitations of traditional hand-crafted feature-based approaches, offering enhanced adaptability to various malware variants. This chapter introduces two novel approaches in malware representation learning that leverage these advancements: DexRay and DexBERT. DexRay employs image-based techniques, transforming DEX file bytecode of apps into grayscale “vector” images. These images are then analyzed using a one-dimensional convolutional neural model to determine the presence of malware. DexBERT, inspired by the BERT language model, processes Smali instructions disassembled from bytecode to generate high-level embedding vectors. These vectors are pivotal for tasks such as malicious code localization and malware detection. Both DexRay and DexBERT have demonstrated significant improvements over traditional machine learning methods in malware detection, particularly in terms of accuracy, efficiency, and adaptability to new malware types. This chapter delves into the methodologies and experimental results of these techniques, highlighting their contributions to the field of malware detection and offering insights into their potential for broader applications in cybersecurity.

Original languageEnglish
Title of host publicationAdvances in Information Security
PublisherSpringer
Pages197-212
Number of pages16
DOIs
StatePublished - 2025

Publication series

NameAdvances in Information Security
Volume91
ISSN (Print)1568-2633
ISSN (Electronic)2512-2193

Fingerprint

Dive into the research topics of 'Android Malware Detection Based on Novel Representations of Apps'. Together they form a unique fingerprint.

Cite this