An efficient combined deep neural network based malware detection framework in 5G environment

Abstract

While Android smartphones are widely used in 5G networks, third-party application platforms are facing a rapid increase in the screening of applications for market launch. However, on the one hand, due to the receipt of excessive applications for listing, the review requires a lot of time and computing resources. On the other hand, due to the multi-selectivity of Android application features, it is difficult to determine the best feature combination as a criterion for distinguishing benign and malicious software. To address these challenges, this paper proposes an efficient malware detection framework based on deep neural network called DLAMD that can face large-scale samples. An efficient detection framework is designed, which combines the pre-detection phase of rapid detection and the deep detection phase of deep detection. The Android application package (APK) is analyzed in detail, and the permissions and opcodes feature that can distinguish benign from malicious are quickly extracted from the APK. Besides, to obtain the feature subset that can distinguish the attributes most, the random forest with good effect is selected for importance selection and the convolutional neural network (CNN) which automatically extracted the hidden pattern inside features is selected for feature selection. In the experiment, real data from shared malware collection and third-party application download platforms are used to verify the high efficiency of the proposed method. The results show that the comprehensive classification index F1-score of DLAMD can reach 95.69%.