Research On Android Malware Detection Method Based On Lightweight Convolutional Neural Network

As a portable portal to the online world,smartphones play a vital role in connecting people to the Internet.At present,the operating systems of smartphones are mainly Android system and IOS system.Data from research firm Gartner shows that in the first quarter of 2021,Android accounted for 86.3% of the smartphone operating system market share,making it the No.1 operating system in the market.Since the code of the Android operating system is open source and allows users to download and install software from various channels,this provides great convenience to the producers of malware,and various forms of malware can spread through various channels to harm User information and property security.Aiming at the problem that none of the existing neural network-based malware detection methods can directly detect unknown malware in real-time on Android mobile phones with limited resources,the application of lightweight neural network algorithms in this thesis is studied,and the The algorithm has been optimized,and the main work is as follows:1.Define important detection permissions for Android malware detection scenarios,and design permission extraction algorithms.The application important detection permission table is matrixed and then embedded in the bytecode grayscale image to enhance the discrimination of the Android application feature map.The experiment collected 6949 malwares in the Virus Share2020 data set and 5708 benign softwares in the Anzhi Android market.The results show that the feature maps embedded in the important detection permission table can significantly improve the detection accuracy of typical lightweight neural network algorithms for unknown malwares about 2%.2.Aiming at the problem of high resource consumption of MobileNet V3-Small network in the real-time detection of unknown malware on the Android side,the beneck module channel grouping design method and the network redundancy layer reduction algorithm are proposed,and the beneck is equally divided into upper and lower channels.After extracting the feature concat respectively,perform Chanel Shuffle,and prune the redundant level of MobileNet V3-Small network in the Android malware detection scenario through recursion and experimental result judgment.Experiments show that the optimized MobileNet V3-Small reduces the time loss of detecting feature maps by about 30% on the Pixel3(API28)simulator.3.Design and implement an Android real-time unknown malware detection system based on the optimized MobileNet V3-Small network.The system performs feature extraction on the Android application software data set on the host side to obtain a feature atlas,and trains the optimized MobileNet V3-Small network to obtain a prediction model;the system loads the prediction model on the mobile terminal to detect unknown malware in real time.The simulation results show that the detection accuracy of the system for malware is 98.2%,and it only takes 10 ms to detect a feature map on the Pixel3(API28)simulator,which can meet the requirements of real-time detection on the Android side.