Android malware detection system integrating block feature extraction and multi-head attention mechanism

Yi Ming Chen, An Chi He, Guo Chung Chen, Yu Chi Liu

研究成果: 書貢獻/報告類型會議論文篇章同行評審

2 引文 斯高帕斯(Scopus)

摘要

With the rapid development of deep learning technology, the task of detecting mobile malware has made breakthrough progress. However, the deep learning model based on time series, when inputting long sequence features, still has the problem of gradient vanish due to the memory limitation of the recurrent neural network. Therefore, many subsequent studies have proposed feature compression and extraction methods for long sequence features, but no research has been found that can compress the sequence while still covering the complete feature information of the original sequence and the semantic temporal relationship. Therefore, this paper proposes a multi-model malware detection architecture that focuses on covering the global features while still maintaining partial timing relationships between compressed features. After integrating the Multi-head Attention mechanism, the recurrent neural network memory problem is improved. The model is executed in two stages: the pre-processing stage, which mainly performs segmentation and statistics for Dalvik Opcode; In the detection stage, input Bi-LSTM for semantic extraction. This stage helps to compress the original Opcode sequence to generate rich timing semantic block sequence of the meaning is used as the classification feature of the downstream classifier. The classifier in this study improves the Transformer model. The Multi-head Attention mechanism is used to efficiently focus on the sequence features, and the Global Pooling Layer is subsequently added to strengthen the model's sensitivity to data. Dimensionality reduction is performed to reduce overfitting of the model. Experimental results show that the accuracy reaches 99.63%, which is better than the deep learning method using images, and effectively reduces the vanishing gradient problem.

原文???core.languages.en_GB???
主出版物標題Proceedings - 2020 International Computer Symposium, ICS 2020
發行者Institute of Electrical and Electronics Engineers Inc.
頁面408-413
頁數6
ISBN(電子)9781728192550
DOIs
出版狀態已出版 - 12月 2020
事件2020 International Computer Symposium, ICS 2020 - Tainan, Taiwan
持續時間: 17 12月 202019 12月 2020

出版系列

名字Proceedings - 2020 International Computer Symposium, ICS 2020

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???2020 International Computer Symposium, ICS 2020
國家/地區Taiwan
城市Tainan
期間17/12/2019/12/20

指紋

深入研究「Android malware detection system integrating block feature extraction and multi-head attention mechanism」主題。共同形成了獨特的指紋。

引用此