An Android Malware Detection Method Based on Metapath Aggregated Graph Neural Network.
ALGORITHMS AND ARCHITECTURES FOR PARALLEL PROCESSING, ICA3PP 2023, PT III(2024)
Hebei Normal Univ
Abstract
Android system is facing an increasing threat of malware. Most of the current malware detection systems need to use large-scale training samples to get high accuracy. However, it is difficult to get a lot of samples. To solve this problem, we proposed a MAAMD (Metapath Aggregated Android Malware Detection) to obtain more useful information under the condition of a limited number of samples. In our method, the two most critical information types, namely API and Permission, are extracted as nodes, and the heterogeneous graph is constructed together with the APP nodes. The embedding of APP nodes is completed through two modules: intra-metapath aggregation and inter-metapath aggregation, then the classification of APP nodes is implemented by the SVM classifier. Each selected pathway is aggregated in the intra-metapath aggregation module, which aggregates the features of the intermediate node on the metapath and the features of the destination node itself. Therefore, the aggregated metapath obtains more semantic information which is helpful for malware detection. In the experiment, we achieved 99.68% accuracy only by 2,505 malicious APPs and 2,431 benign APPs. Compared with other methods that use large-scale training samples, MAAMD achieves higher accuracy by small-scale samples.
MoreTranslated text
Key words
Android,Heterogeneous graph neural network,Metapath aggregation,Malware detection
求助PDF
上传PDF
View via Publisher
AI Read Science
AI Summary
AI Summary is the key point extracted automatically understanding the full text of the paper, including the background, methods, results, conclusions, icons and other key content, so that you can get the outline of the paper at a glance.
Example
Background
Key content
Introduction
Methods
Results
Related work
Fund
Key content
- Pretraining has recently greatly promoted the development of natural language processing (NLP)
- We show that M6 outperforms the baselines in multimodal downstream tasks, and the large M6 with 10 parameters can reach a better performance
- We propose a method called M6 that is able to process information of multiple modalities and perform both single-modal and cross-modal understanding and generation
- The model is scaled to large model with 10 billion parameters with sophisticated deployment, and the 10 -parameter M6-large is the largest pretrained model in Chinese
- Experimental results show that our proposed M6 outperforms the baseline in a number of downstream tasks concerning both single modality and multiple modalities We will continue the pretraining of extremely large models by increasing data to explore the limit of its performance
Upload PDF to Generate Summary
Must-Reading Tree
Example

Generate MRT to find the research sequence of this paper
Data Disclaimer
The page data are from open Internet sources, cooperative publishers and automatic analysis results through AI technology. We do not make any commitments and guarantees for the validity, accuracy, correctness, reliability, completeness and timeliness of the page data. If you have any questions, please contact us by email: report@aminer.cn
Chat Paper
Summary is being generated by the instructions you defined