An Android Malicious Application Detection Method with Decision Mechanism in the Operating Environment of Blockchain

Recently, security policies and behaviour detection methods have been proposed to improve the security of blockchain by many researchers. However, these methods cannot discover the source of typical behaviours, such as the malicious applications in the blockchain environment. Android application is an important part of the blockchain operating environment, and machine learning-based Android malware application detection method is significant for blockchain user security. The way of constructing features in these methods determines the performance. The single-feature mechanism, training classifiers with one type of features, cannot detect the malicious applications effectively which exhibit the typical behaviours in various forms. The multifeatures fusion mechanism, constructing mixed features from multiple types of data sources, can cover more kinds of information. However, different types of data sources will interfere with each other in the mixed features constructed by this mechanism. That limits the performance of the model. In order to improve the detection performance of Android malicious applications in complex scenarios, we propose an Android malicious application detection method which includes parallel feature processing and decision mechanism. Our method uses RGB image visualization technology to construct three types of RGB image which are utilized to train different classifiers, respectively, and a decision mechanism is designed to fuse the outputs of subclassifiers through weight analysis. This approach simultaneously extracts different types of features, which preserve application information comprehensively. Different classifiers are trained by these features to guarantee independence of each feature and classifier. On this basis, a comprehensive analysis of many methods is performed on the Android malware dataset, and the results show that our method has better efficiency and adaptability than others.