Efficient android malware identification with limited training data utilizing multiple convolution neural network techniques

Cited by: 4
Authors
Ksibi, Amel [1]
Zakariah, Mohammed [2]
Almuqren, Latifah [1]
Alluhaidan, Ala Saleh [1]
Affiliations
[1] Princess Nourah Bint Abdulrahman Univ, Coll Comp & Informat Sci, Dept Informat Syst, Riyadh, Saudi Arabia
[2] King Saud Univ, Coll Comp & Informat Sci, Riyadh, Saudi Arabia
Keywords
Transfer learning approach; Pre-trained model; Security; Android application package (APK); Android malware; Malware detection; MODEL;
DOI
10.1016/j.engappai.2023.107390
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
The Internet of Things (IoT) has experienced phenomenal expansion over the past few years and has emerged as one of the most dynamic sectors of the international market. Android has become the driving force behind the rapid development of the IoT, and malware is one of the most severe concerns. Android is an open-source platform with a significant number of users. The identification of Android malware has become more critical in cybersecurity due to the meteoric rise of Android malware over the past few years and the severity of the damage it inflicts on smartphone users. Existing traditional Android malware detection methods based on machine learning have achieved encouraging performance. Still, the solution requires a massive workforce of feature engineering to build dynamic or static features and continuous learning through pre-extracted features to maintain high performance in identifying malware. Therefore, technologies for end-to-end malware detection without human interaction are necessary. In response to the rapid evolution of Android malware, a convolutional neural network that can acquire knowledge without requiring feature extraction is ideally suited. This paper offers a unique classification approach for malware based on a convolutional neural network, with feature extraction selected from the current pre-trained models DenseNet169, Xception, InceptionV3, ResNet50, and VGG16. The proposed methods have an advantage over existing detection methods due to their end-to-end learning process. Our suggested approaches convert Android APK files to binary codes and RGB images for usage as inputs to deep learning models. These models are trained and evaluated using the CICInvesAndMal2019 dataset, which consists of 333 benign and 428 malicious applications. 
Experiments demonstrate that the proposed approaches achieve a classification accuracy of 95.24%, 95.24%, and 95.83% for DenseNet169, InceptionV3, and VGG16, respectively, on a 761-sample dataset of malware, which is superior to other compared algorithms. Compared to previous methods, our suggested methods are more applicable to Android IoT devices since they do not require manual feature engineering and consume fewer resources.
Pages: 11