Applied Sciences, Vol. 13, Issue 11 (2023)

A Malware Detection and Extraction Method for the Related Information Using the ViT Attention Mechanism on Android Operating System

Jeonggeun Jo, Jaeik Cho and Jongsub Moon

Abstract

Artificial intelligence (AI) is increasingly being utilized in cybersecurity, particularly for detecting malicious applications. However, the black-box nature of AI models presents a significant challenge. This lack of transparency makes it difficult to understand and trust the results. To address this, it is necessary to incorporate explainability into the detection model. There is insufficient research that provides reasons why applications are detected as malicious or explains their behavior. In this paper, we propose a Vision Transformer (ViT)-based malware detection model and a method for extracting malicious behavior using an attention map, to achieve both high detection accuracy and high interpretability. Malware detection uses a ViT-based model, which takes an image as input. ViT offers a significant advantage for image detection tasks by leveraging attention mechanisms, enabling robust interpretation and understanding of the intricate patterns within the images. The image is converted from an application. An attention map is generated from the attention values produced during the detection process. The attention map is used to identify factors that the model deems important. Class and method names are extracted and provided based on the identified factors. The performance of the detection was validated using real-world datasets. The malware detection accuracy was 80.27%, which is a high level of accuracy compared to other models used for image-based malware detection. The interpretability was measured in the same way as the F1-score, resulting in an interpretability score of 0.70. This score is superior to existing interpretable machine learning (ML)-based methods, such as Drebin, LIME, and XMal. By analyzing malicious applications, we also confirmed that the extracted classes and methods are related to malicious behavior. With the proposed method, security experts can understand the reason behind the model's detection and the behavior of malicious applications. Given the growing importance of explainable artificial intelligence in cybersecurity, this method is expected to make a significant contribution to this field.
