Abstract:
The availability of big data and affordable hardware have enabled the applications of deep learning on different tasks. With respect to security, several attempts have been made to transfer deep learning’s application from the domain of image recognition or natural language processing into malware detection. In this study, we propose AdMat - a simple yet effective framework to characterize Android applications by treating them as images. The novelty of our study lies in the construction of an adjacency matrix for each application. These matrices act as “input images” to the Convolutional Neural Network model, allowing it to learn to differentiate benign and malicious apps, as well as malware families. During the experiment, we found that AdMat was able to adapt to a variety of training ratios and achieve the average detection rate of 98.26% in different malware datasets. In classification tasks, it also successfully recognized over 97.00% of different malware families with limited number of training data.