Content area

Abstract

A survey of literature shows that transforming the application files into images and employing deep learning-based models for image classification has been considered as one of the significant directions for malware detection and classification. Mainly, convolutional neural networks (CNN)-based models are successfully employed for Android malware detection and classification. This is mainly due to the reason that this type of malware detection and classification approach is platform independent and has the capability to detect metamorphic and polymorphic malware. The Image-based Android malware detection is resilient to both unpacked and packed malware. Following, this work employs various 26 CNN-based pretrained models and the detailed investigation and analysis of experiments are shown on the Image-based Android malware dataset. Each of these models have the capability to extract its own optimal features and these features are distinct to each other. The penultimate layer features of best performed CNN-based pretrained models are extracted and dimensionality of the features were reduced using kernel principal component analysis (KPCA). The reduced features were fused together and passed into a meta-classifier or stacked classifier for classification. This classifier has two levels; in the first level support vector machine (SVM) and random forest (RForest) machine learning classifier were included for prediction and logistic regression in the second level for classification. The four combinations of fused models are DenseNet, ResNet, InceptionResNet, and EfficientNet. EfficientNet-based fused models showed better performances compared to other fused models and non-fused CNN-based pretrained models. Moreover, the EfficientNet-based fused models outperformed the existing approaches for Android malware detection. All the model performances were shown on two different testing datasets and the proposed model has shown the similar performances on both the testing datasets with attaining better performances during training and testing. This indicates that the proposed model is more generalizable, robust, and it can be used as tool that can be deployed in any application play store.

Details

Title
EfficientNet deep learning meta-classifier approach for image-based android malware detection
Author
Ravi, Vinayakumar 1 ; Chaganti, Rajasekhar 2 

 Prince Mohammad Bin Fahd University, Center for Artificial Intelligence, Khobar, Saudi Arabia (GRID:grid.449337.e) (ISNI:0000 0004 1756 6721) 
 University of Texas at San Antonio, Department of Computer Science, San Antonio, USA (GRID:grid.215352.2) (ISNI:0000000121845633) 
Pages
24891-24917
Publication year
2023
Publication date
Jul 2023
Publisher
Springer Nature B.V.
ISSN
13807501
e-ISSN
15737721
Source type
Scholarly Journal
Language of publication
English
DOI
https://doi.org/10.1007/s11042-022-14236-6
ProQuest document ID
2828539357
Copyright
© The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2022. Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.