Umeå University's logo

umu.sePublications
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Android malware detection using BERT
University of Luxembourg, Esch-sur-Alzette, Luxembourg.
University of Luxembourg, Esch-sur-Alzette, Luxembourg.
Umeå University, Faculty of Science and Technology, Department of Computing Science.ORCID iD: 0000-0003-1383-0372
University of Luxembourg, Esch-sur-Alzette, Luxembourg.
Show others and affiliations
2022 (English)In: Applied cryptography and network security workshops: ACNS 2022 satellite workshops, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S&P, SCI, SecMT, SiMLA, Rome, Italy, June 20–23, 2022, proceedings, Springer Nature, 2022, p. 575-591Conference paper, Published paper (Refereed)
Abstract [en]

In this paper, we propose two empirical studies to (1) detect Android malware and (2) classify Android malware into families. We first (1) reproduce the results of MalBERT using BERT models learning with Android application’s manifests obtained from 265k applications (vs. 22k for MalBERT) from the AndroZoo dataset in order to detect malware. The results of the MalBERT paper are excellent and hard to believe as a manifest only roughly represents an application, we therefore try to answer the following questions in this paper. Are the experiments from MalBERT reproducible? How important are Permissions for malware detection? Is it possible to keep or improve the results by reducing the size of the manifests? We then (2) investigate if BERT can be used to classify Android malware into families. The results show that BERT can successfully differentiate malware/goodware with 97% accuracy. Furthermore BERT can classify malware families with 93% accuracy. We also demonstrate that Android permissions are not what allows BERT to successfully classify and even that it does not actually need it.
Place, publisher, year, edition, pages
Springer Nature, 2022. p. 575-591
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 13285
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:umu:diva-200844DOI: 10.1007/978-3-031-16815-4_31ISI: 000869767400031Scopus ID: 2-s2.0-85140469467ISBN: 9783031168147 (print)OAI: oai:DiVA.org:umu-200844DiVA, id: diva2:1710002
Conference
Satellite Workshops on AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA 2022, held in conjunction with the 20th International Conference on Applied Cryptography and Network Security, ACNS 2022, Rome, Italy, June 20-23, 2022
Note

Also part of Conference series: ACNS: International Conference on Applied Cryptography and Network Security

Available from: 2022-11-10 Created: 2022-11-10 Last updated: 2024-07-02Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Bartel, Alexandre

Search in DiVA

By author/editor
Bartel, Alexandre
By organisation
Department of Computing Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 501 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Umeå University Library
|
Register in DiVA
|
Support
|
Search DiVA Portal