GAResNet: A Transfer Learning based Framework for Android Malware Detection

The increasing and widespread presence of malicious software (malware), especially targeting the Android platform, have brought unprecedented challenges to user privacy security. Numerous machine learning-based malware detection methods have been proposed. However, many of these approaches may not be effective due to the time-consuming process of training new models and the constant evolution of Android malware. This becomes particularly challenging when dealing with new variants of malware within a limited sample size. To address this challenge, drawing inspiration from abundant malware samples and extensive research on other platforms, we propose an Android malware detection framework GAResNet (ResNet with Group Convolution and Attention) leveraging transfer learning. Moreover, to extract more efficient and discriminative feature to further boost the malware detection capability for new malware, we integrate group convolution and attention mechanisms into the original residual network model. More precisely, our model trains on the Microsoft dataset and migrates to the Android dataset. The experimental results demonstrate that our proposed method achieves an accuracy of 88.46% with just one round of training when migrating to the target domain. After fine-tuning, the accuracy further improves to 96.20%, outperforming state-of-the-art detection approaches. These results highlight the effectiveness and superiority of our approach in the field of Android malware detection.