Research On Android Malware Detection Method Based On Image And Text Feature With Deep Learning

With the rapid development of the mobile Internet in recent years,modern people can't leave their smart mobile devices.At present around 80% of the world's smart phones use the Android system.Intelligent terminal once infected,the user's large amount of privacy information like account information will be leaked.Coupled with the Android system open source,research on Android malware detection is particularly important.Traditional Android malware detection methods,such as signature-based detection methods can only detect malware that has been stored in the library,can't detect new malware;detection methods based on decompilation can detect new malware,but can't solve the confusion and encryption malware which can't be decompiled so that cant't be analyzed.And the classification methods based on API features can't utilize the semantic/grammatical features of API or detect long sequences.To solve these existing problems,this thesis proposes two kinds of Android malware detection methods based on deep learning.The first method doesn't require decompile APK file to extract and analyze the semantic features and structural features of Android applications first and then select part of the characteristics to classify.It can solve the problem of detection undecompiled APK.This method directly displays the binary code obtained by decompressing the APK file in the form of grayscale visualization,and then classifies the image.It can improve the accuracy combining the high-order convolution neural network and fusion model.The second method needs to decompile the APK file,extracted system API sequence and then classify the API sequence using the text CNN classification method to solve the problem that the API information is not used well with traditional methods.Experiments and analyzes were carried out on the Drebin malware family dataset and the benign&malignant dataset constructed by this thesis respectively.The classification accuracy of the family classification using high-order convolutional neural networks is higher than the existing methods.In the benign&malignant dataset,the accuracy of the second method is higher than the traditional method of processing API features and the first method,but requires more time.