Towards Multi-view Android Malware Detection Through Image-based Deep Learning

Over the last years, several works have proposed highly accurate Android malware detection techniques. Surprisingly, modern malware apps can still pave their way to official markets, thus, demanding the provision of more robust and accurate detection approaches. This paper proposes a new multi-view Android malware detection through image-based deep learning, implemented threefold. First, apps are evaluated according to several feature sets in a multi-view setting, thus, increasing the information provided for the classification task. Second, extracted feature sets are converted to an image format while maintaining the principal components of the data distribution, keeping the information for the classification task. Third, built images are jointly represented in a single shot, each in a predefined image channel, enabling the application of deep learning architectures. Experiments on a new version of a publicly available Android malware dataset composed of over 11 thousand Android apps have shown our proposal's feasibility. It reaches true-negative rates of up to 99.5% when implemented with a single-view approach with our new image-building technique. In addition, if our proposed multi-view scheme is used, the classification accuracies of malware families become more stable, reaching a true-positive rate of up to 98.7%.