Research And Implementation Of Android Malware Detection Based On Deep Learning

With the development of technology,,smartphones have become the main communication medium for people.The Android system leads the smartphone market by occupying market share at all levels.At the same time,due to the open source and free nature of the Android system,it also provides opportunities for a large number of malicious applications to invade.Therefore,studying Android malware detection is of great significance for network security.At present,traditional feature detection methods for Android malware typically use manual feature selection or machine learning algorithms.These methods have the disadvantages of complex manual feature selection and time-consuming and laborious Feature engineering.Therefore,deep learning based malware detection methods have emerged.The malware detection method based on depth science avoids the process of manual Feature selection and Feature engineering,and can automatically learn the complex patterns and features in the data.At the same time,deep learning models have better generalization ability and can deal with unknown malicious software.However,using traditional deep learning models is not only inefficient,but also has unsatisfactory training efficiency and accuracy.Therefore,this article proposes a ResNet based approach_Android malware detection system for LSTM model.The system first uses ResNet to extract features from Android malware images,and then uses LSTM to model and classify the extracted features in sequence.The system has good classification performance and accuracy,and can detect unknown malicious software.For the dataset,the public dataset CCCS-CICAndMal-2020 was used to detect malware in Android applications.However,due to the large number of samples in the CCCS-CICAndMal-2020 dataset and the fact that the dataset has not been classified,it may affect the accuracy of model detection.Additionally,the dataset from 2020 has real-time issues.Therefore,this article will perform dynamic static extraction on the dataset and classify it.The paper work includes:1.This article divides the CCCS-CICAndMal-2020 dataset into dynamic and static datasets using dynamic and static extraction methods.Considering the issue of data timeliness,the VirusShare dataset is used to expand the malicious software dataset of the CCCS-CICAndMal-2020 dataset,and benign software data is collected in the official store to expand the benign software dataset of CCCS-CICAndMal-2020,And separately extract static and dynamic behavior features from the dataset.This article expands the dataset to increase the diversity and timeliness of the data.2.This article proposes a ResNet based approach and the Android malware detection of LSTM model,ResNet model can extract image features,while LSTM model can process sequence data.Combining the advantages of both can improve the performance and generalization ability of the model.And introduce the SELayer attention mechanism.Compared to other deep learning models,ResNet_The LSTM model can improve the classification performance of the model,thereby improving its accuracy.3.Based on the principles of software engineering,a requirements analysis was conducted,and a malicious software detection system based on deep learning was designed and implemented.The system includes three major modules:data processing module,malware detection module,and webpage interaction module.