Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 920))

Abstract

Mobile device coverage is increasing as the Internet develops ever faster. Android is becoming the most popular smartphone operating system, and it is also the most common target for malware. Taint analysis is a very important method for researching and detecting malware. By studying whether data introduced by a taint source in the application can reach a taint sink directly, without sanitization, we can determine whether the application has privacy leaks and other security problems. Traditional dynamic taint-flow analysis must be performed while the application is running in real time, which occupies a large amount of memory and resources and is relatively time-consuming and costly. Static taint analysis analyzes the dependencies within the program code without running or altering the underlying code. Existing methods, however, have lower false alarm rates because they do not consider the full set of features. Moreover, existing methods require large data sets for training to obtain good results, and long-term training also consumes memory. Therefore, this paper designs a deep learning malware detection scheme based on privilege features and taint features. It expands the multidimensional calculation of feature values, constructs a feature value table from privilege features, taint source features, and taint sink features, and introduces a Transformer to analyze the table and detect malware. In addition, the scheme achieves higher classification results with a small dataset, making it a good implementation of malware detection for the Android platform.

Acknowledgement

This work is supported by the Program 2020AAA0107704.

Author information

Corresponding author

Correspondence to **nyu Yun.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Yun, X., Zhu, Z., Fang, L., Zhang, A. (2022). A Lightweight Context-Based Android Malware Detection Scheme. In: S. Shmaliy, Y., Abdelnaby Zekry, A. (eds) 6th International Technical Conference on Advances in Computing, Control and Industrial Engineering (CCIE 2021). CCIE 2021. Lecture Notes in Electrical Engineering, vol 920. Springer, Singapore. https://doi.org/10.1007/978-981-19-3927-3_69

  • DOI: https://doi.org/10.1007/978-981-19-3927-3_69

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-3926-6

  • Online ISBN: 978-981-19-3927-3

  • eBook Packages: Engineering, Engineering (R0)
