A performance-sensitive malware detection system using deep learning on mobile devices

Author

Ruitao FENG
Sen CHEN
Xiaofei XIE, Singapore Management UniversityFollow
Guozhu MENG
Shang-Wei LIN
Yang LIU

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

9-2020

Abstract

Currently, Android malware detection is mostly performed on server side against the increasing number of malware. Powerful computing resource provides more exhaustive protection for app markets than maintaining detection by a single user. However, apart from the applications (apps) provided by the official market (i.e., Google Play Store), apps from unofficial markets and third-party resources are always causing serious security threats to end-users. Meanwhile, it is a time-consuming task if the app is downloaded first and then uploaded to the server side for detection, because the network transmission has a lot of overhead. In addition, the uploading process also suffers from the security threats of attackers. Consequently, a last line of defense on mobile devices is necessary and much-needed. In this paper, we propose an effective Android malware detection system, MobiTive, leveraging customized deep neural networks to provide a real-time and responsive detection environment on mobile devices. MobiTive is a pre-installed solution rather than an app scanning and monitoring engine using after installation, which is more practical and secure. Although a deep learning-based approach can be maintained on server side efficiently for malware detection, original deep learning models cannot be directly deployed and executed on mobile devices due to various performance limitations, such as computation power, memory size, and energy. Therefore, we evaluate and investigate the following key points: (1) the performance of different feature extraction methods based on source code or binary code; (2) the performance of different feature type selections for deep learning on mobile devices; (3) the detection accuracy of different deep neural networks on mobile devices; (4) the real-time detection performance and accuracy on different mobile devices; (5) the potential based on the evolution trend of mobile devices' specifications; and finally we further propose a practical solution (MobiTive) to detect Android malware on mobile devices.

Keywords

Malware, Androids, Humanoid robots, Feature extraction, Mobile handsets, Performance evaluation, Security, Android malware, malware detection, deep neural network, mobile platform, performance

Discipline

OS and Networks | Software Engineering

Research Areas

Software and Cyber-Physical Systems

Publication

IEEE Transactions on Information Forensics and Security

Volume

16

First Page

1563

Last Page

1578

ISSN

1556-6013

Identifier

10.1109/TIFS.2020.3025436

Publisher

Institute of Electrical and Electronics Engineers

Citation

FENG, Ruitao; CHEN, Sen; XIE, Xiaofei; MENG, Guozhu; LIN, Shang-Wei; and LIU, Yang. A performance-sensitive malware detection system using deep learning on mobile devices. (2020). IEEE Transactions on Information Forensics and Security. 16, 1563-1578.
Available at: https://ink.library.smu.edu.sg/sis_research/6937

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.