IECE Transactions on Advanced Computing and Systems Home About Editors Current Issue
-
CiteScore
-
Impact Factor
  1. Home
  2. Journals
  3. IECE Transactions on Advanced Computing and Systems
  4. Volume 1, Issue 1
ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection
Research Article | Published: 29 March 2024
IECE Transactions on Advanced Computing and Systems Volume 1, Issue 1, 2024: 32-47
Volume 1, Issue 1, IECE Transactions on Advanced Computing and Systems
Volume 1, Issue 1, 2024
Submit Manuscript Edit a Special Issue
Article QR Code
Article QR Code
Scan the QR code for reading
Popular articles
Research on A Ship Trajectory Classification Method Based on Deep Learning YOLOv7-Bw: A Dense Small Object Efficient Detector Based on Remote Sensing Image Bridging Modalities: A Survey of Cross-Modal Image-Text Retrieval A Mimic Fusion Algorithm for Dual Channel Video Based on Possibility Distribution Synthesis Theory Deep Prediction Network Based on Covariance Intersection Fusion for Sensor Data Visual Feature Extraction and Tracking Method Based on Corner Flow Detection Inaugural Editorial of the Chinese Journal of Information Fusion Simultaneous Spatiotemporal Bias Compensation and Data Fusion for Asynchronous Multisensor Systems YOLOv8-Lite: A Lightweight Object Detection Model for Real-time Autonomous Driving Systems Short and Long-Term Renewable Electricity Demand Forecasting Based on CNN-Bi-GRU Model
IECE Transactions on Advanced Computing and Systems, Volume 1, Issue 1, 2024: 32-47

Open Access | Research Article | 29 March 2024
ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection
by
Inam Ullah Khan Inam Ullah Khan 1
Asim Zeb Asim Zeb 2 *
Taj Rahman Taj Rahman 1
Fida Muhammad Khan Fida Muhammad Khan 1
Zeeshan Ali Haider Zeeshan Ali Haider 1
Hazrat Bilal Hazrat Bilal 3,4
1 Department of Computer Science, Qurtuba University of Science & Information Technology, 25000 Peshawar, Pakistan
2 Department of Computer Science, Abbottabad University of Science and Technology, Abbottabad 22010, Pakistan
3 College of Mechatronics and Control Engineering, Shenzhen University, Shenzhen 518060, China
4 College of Computer Science and Software Engineering, Shenzhen University, Shenzhen 518060, China
* Corresponding Author: Asim Zeb, [email protected]
DOI: 10.62762/TACS.2024.521915
Received: 06 January 2024, Accepted: 10 March 2024, Published: 29 March 2024  
   PDF  (1.10 MB) Full-Text HTML XML
Article Metrics Cite This Article
Abstract
This paper introduces ViTDroid, a novel hybrid model that combines Vision Transformers (ViTs) and recurrent neural networks (RNNs) to enhance Android and IoT malware detection. ViTDroid addresses critical challenges by leveraging ViTs to capture global spatial dependencies and RNNs (LSTM and GRU) to model temporal patterns, enabling comprehensive analysis of complex malware behaviors. Additionally, the model integrates explainability tools, such as LIME and SHAP, to enhance transparency and trustworthiness, essential for real-world cybersecurity applications. The study evaluates ViTDroid's performance against conventional models, including RNN, LSTM, and GRU, using accuracy, precision, recall, and F1 score as evaluation metrics. Results demonstrate that ViTDroid achieves superior performance with an accuracy of 99.1% for Android malware and 98% for IoT malware. Precision and recall values reach 0.99 and 0.98, respectively, for Android, and 0.97 and 0.98 for IoT, with F1 scores of 0.99 for Android and 0.97 for IoT. These findings underscore ViTDroid's potential as a robust, efficient, and explainable solution to combat evolving threats in mobile and IoT ecosystems, paving the way for future advancements in malware detection systems.
Graphical Abstract
ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection
Keywords
Android malware
IoT malware
RNN
LSTM
GRU
ViTDroid
hybrid models
malware detection
deep learning
Data Availability Statement
Data will be made available on request.
Funding
This work was supported without any funding.
Conflicts of Interest
The authors declare no conflicts of interest.
Ethical Approval and Consent to Participate
Not applicable.
References
  1. Feth, D., & Pretschner, A. (2012, June). Flexible data-driven security for android. In 2012 IEEE Sixth International Conference on Software Security and Reliability (pp. 41-50). IEEE.
    [CrossRef]   [Google Scholar]
  2. Khokhlov, I., & Reznik, L. (2017, April). Data security evaluation for mobile android devices. In 2017 20th Conference of Open Innovations Association (FRUCT) (pp. 154-160). IEEE.
    [CrossRef]   [Google Scholar]
  3. Kilani, R., & Jensen, K. (2013). Mobile authentication with NFC enabled smartphones. Technical Report Electronics and Computer Engineering, 2(14).
    [Google Scholar]
  4. Qamar, A., Karim, A., & Chang, V. (2019). Mobile malware attacks: Review, taxonomy & future directions. Future Generation Computer Systems, 97, 887-909.
    [CrossRef]   [Google Scholar]
  5. Senanayake, J., Kalutarage, H., & Al-Kadri, M. O. (2021). Android mobile malware detection using machine learning: A systematic review. Electronics, 10(13), 1606.
    [CrossRef]   [Google Scholar]
  6. Gamba, J., Rashed, M., Razaghpanah, A., Tapiador, J., & Vallina-Rodriguez, N. (2020, May). An analysis of pre-installed android software. In 2020 IEEE symposium on security and privacy (SP) (pp. 1039-1055). IEEE.
    [Google Scholar]
  7. Ali, A. A., & H Abdul-Qawy, A. S. (2021). Static analysis of malware in android-based platforms: a progress study. International Journal of Computing and Digital Systems, 10(1), 321-331.
    [Google Scholar]
  8. Halim, M. A., Abdullah, A., & Ariffin, K. A. Z. (2019). Recurrent neural network for malware detection. Int. J. Advance Soft Compu. Appl, 11(1), 43-63.
    [Google Scholar]
  9. Rhode, M., Burnap, P., & Jones, K. (2018). Early-stage malware prediction using recurrent neural networks. Computers & security, 77, 578-594.
    [CrossRef]   [Google Scholar]
  10. Vinayakumar, R., Soman, K. P., Poornachandran, P., & Sachin Kumar, S. (2018). Detecting Android malware using long short-term memory (LSTM). Journal of Intelligent & Fuzzy Systems, 34(3), 1277-1288.
    [CrossRef]   [Google Scholar]
  11. Sun, G., & Qian, Q. (2018). Deep learning and visualization for identifying malware families. IEEE Transactions on Dependable and Secure Computing, 18(1), 283-295.
    [CrossRef]   [Google Scholar]
  12. Muhuri, P. S., Chatterjee, P., Yuan, X., Roy, K., & Esterline, A. (2020). Using a long short-term memory recurrent neural network (LSTM-RNN) to classify network attacks. Information, 11(5), 243.
    [CrossRef]   [Google Scholar]
  13. Seneviratne, S., Shariffdeen, R., Rasnayaka, S., & Kasthuriarachchi, N. (2022). Self-supervised vision transformers for malware detection. IEEE Access, 10, 103121-103135.
    [CrossRef]   [Google Scholar]
  14. Jo, J., Cho, J., & Moon, J. (2023). A malware detection and extraction method for the related information using the ViT attention mechanism on android operating system. Applied Sciences, 13(11), 6839.
    [CrossRef]   [Google Scholar]
  15. Moore, S. R., Ge, H., Li, N., & Proctor, R. W. (2019). Cybersecurity for android applications: Permissions in android 5 and 6. International Journal of Human--Computer Interaction, 35(7), 630-640.
    [CrossRef]   [Google Scholar]
  16. Alamro, H., Mtouaa, W., Aljameel, S., Salama, A. S., Hamza, M. A., & Othman, A. Y. (2023). Automated android malware detection using optimal ensemble learning approach for cybersecurity. IEEE Access, 11, 72509-72517.
    [CrossRef]   [Google Scholar]
  17. Wright, J., Dawson Jr, M. E., & Omar, M. (2012). Cyber security and mobile threats: The need for antivirus applications for smart phones. Journal of Information Systems Technology and Planning, 5(14), 40-60.
    [Google Scholar]
  18. Albakri, A., Alhayan, F., Alturki, N., Ahamed, S., & Shamsudheen, S. (2023). Metaheuristics with deep learning model for cybersecurity and Android malware detection and classification. Applied Sciences, 13(4), 2172.
    [CrossRef]   [Google Scholar]
  19. Rodriguez-Mota, A., Escamilla-Ambrosio, P. J., Happa, J., & Nurse, J. R. (2016, November). Towards IoT cybersecurity modeling: From malware analysis data to IoT system representation. In 2016 8th IEEE Latin-American Conference on Communications (LATINCOM) (pp. 1-6). IEEE.
    [CrossRef]   [Google Scholar]
  20. Khan, I. U., Khan, Z. A., Ahmad, M., Khan, A. H., Muahmmad, F., Imran, A., \ldots & Hamid, M. K. (2023, May). Machine Learning Techniques for Permission-based Malware Detection in Android Applications. In 2023 9th International Conference on Information Technology Trends (ITT) (pp. 7-13). IEEE.
    [Google Scholar]
  21. Shiri, F. M., Perumal, T., Mustapha, N., & Mohamed, R. (2023). A comprehensive overview and comparative analysis on deep learning models: CNN, RNN, LSTM, GRU. arXiv preprint arXiv:2305.17473.
    [Google Scholar]
  22. Adhikari, D., Ullah, I., Syed, I., & Choi, C. (2023). Phishing Detection in the Internet of Things for Cybersecurity. In Cybersecurity Management in Education Technologies (pp. 86-106). CRC Press.
    [Google Scholar]
  23. Taher, F., AlFandi, O., Al-kfairy, M., Al Hamadi, H., & Alrabaee, S. (2023). DroidDetectMW: a hybrid intelligent model for android malware detection. Applied Sciences, 13(13), 7720.
    [CrossRef]   [Google Scholar]
  24. Hamza, A. A., Abdel Halim, I. T., Sobh, M. A., & Bahaa-Eldin, A. M. (2022). HSAS-MD analyzer: a hybrid security analysis system using model-checking technique and deep learning for malware detection in IoT apps. Sensors, 22(3), 1079.
    [CrossRef]   [Google Scholar]
  25. Rodrigo, C., Pierre, S., Beaubrun, R., & El Khoury, F. (2021). BrainShield: a hybrid machine learning-based malware detection model for android devices. Electronics, 10(23), 2948.
    [CrossRef]   [Google Scholar]
  26. Baek, S., Jeon, J., Jeong, B., & Jeong, Y. S. (2021). Two-stage hybrid malware detection using deep learning. Human-centric Computing and Information Sciences, 11(27), 10-22967.
    [CrossRef]   [Google Scholar]
  27. Kumar, R., Zhang, X., Wang, W., Khan, R. U., Kumar, J., & Sharif, A. (2019). A multimodal malware detection technique for Android IoT devices using various features. IEEE access, 7, 64411-64430.
    [CrossRef]   [Google Scholar]
  28. Ravi, A., Chaturvedi, V., & Shafique, M. (2023). Vit4mal: Lightweight vision transformer for malware detection on edge devices. ACM Transactions on Embedded Computing Systems, 22(5s), 1-26.
    [CrossRef]   [Google Scholar]
  29. Alasmary, H., Anwar, A., Park, J., Choi, J., Nyang, D., & Mohaisen, A. (2018). Graph-based comparison of IoT and android malware. In Computational Data and Social Networks: 7th International Conference, CSoNet 2018, Shanghai, China, December 18--20, 2018, Proceedings 7 (pp. 259-272). Springer International Publishing.
    [Google Scholar]
  30. Ngo, Q. D., Nguyen, H. T., Le, V. H., & Nguyen, D. H. (2020). A survey of IoT malware and detection methods based on static features. ICT express, 6(4), 280-286.
    [CrossRef]   [Google Scholar]
  31. Ham, H. S., Kim, H. H., Kim, M. S., & Choi, M. J. (2014). Linear SVM‐based android malware detection for reliable IoT services. Journal of Applied Mathematics, 2014(1), 594501.
    [CrossRef]   [Google Scholar]
  32. Liu, X., Du, X., Zhang, X., Zhu, Q., Wang, H., & Guizani, M. (2019). Adversarial samples on android malware detection systems for IoT systems. Sensors, 19(4), 974.
    [CrossRef]   [Google Scholar]
  33. Ren, Z., Wu, H., Ning, Q., Hussain, I., & Chen, B. (2020). End-to-end malware detection for android IoT devices using deep learning. Ad Hoc Networks, 101, 102098.
    [CrossRef]   [Google Scholar]
  34. Liu, K., Xu, S., Xu, G., Zhang, M., Sun, D., & Liu, H. (2020). A review of android malware detection approaches based on machine learning. IEEE access, 8, 124579-124607.
    [CrossRef]   [Google Scholar]
  35. Ganesh, M., Pednekar, P., Prabhuswamy, P., Nair, D. S., Park, Y., & Jeon, H. (2017, July). CNN-based android malware detection. In 2017 international conference on software security and assurance (ICSSA) (pp. 60-65). IEEE.
    [CrossRef]   [Google Scholar]
  36. Gong, R. H., Zulkernine, M., & Abolmaesumi, P. (2005, May). A software implementation of a genetic algorithm based approach to network intrusion detection. In Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing and First ACIS International Workshop on Self-Assembling Wireless Network (pp. 246-253). IEEE.
    [Google Scholar]
  37. Hammood, L., Doğru, İ. A., & Kılıç, K. (2023). Machine learning-based adaptive genetic algorithm for android malware detection in auto-driving vehicles. Applied Sciences, 13(9), 5403.
    [CrossRef]   [Google Scholar]
  38. Lin, Y., & Chang, X. (2021). Towards interpreting ML-based automated malware detection models: A survey. arXiv preprint arXiv:2101.06232.
    [Google Scholar]
  39. Lundberg, S. M., & Lee, S. I. (2017). A unified approach to interpreting model predictions. Advances in neural information processing systems, 30.
    [Google Scholar]
  40. García, D. E., DeCastro-García, N., & Castañeda, A. L. M. (2023). An effectiveness analysis of transfer learning for the concept drift problem in malware detection. Expert systems with Applications, 212, 118724.
    [CrossRef]   [Google Scholar]
  41. Wong, W. K., Juwono, F. H., & Apriono, C. (2021). Vision-based malware detection: A transfer learning approach using optimal ecoc-svm configuration. Ieee Access, 9, 159262-159270.
    [CrossRef]   [Google Scholar]
  42. Panda, P., CU, O. K., Marappan, S., Ma, S., S, M., & Veesani Nandi, D. (2023). Transfer learning for image-based malware detection for iot. Sensors, 23(6), 3253.
    [CrossRef]   [Google Scholar]
Cite This Article
APA Style
Khan, U. I., Zeb, A., Rahman, T., Khan, F. M., Haider, Z. A., & Bilal, H. (2024). ViTDroid and Hybrid Models for Effective Android and IoT Malware Detection. IECE Transactions on Advanced Computing and Systems, 1(1), 32–47. https://doi.org/10.62762/TACS.2024.521915
Article Metrics
Citations:

Google Scholar
0

Crossref

0

Scopus

0

Web of Science

0
Article Access Statistics:
Views: 656
PDF Downloads: 165
Publisher's Note
IECE stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
CC BY Copyright © 2024 by the Author(s). Published by Institute of Emerging and Computer Engineers. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made.
IECE Transactions on Advanced Computing and Systems

IECE Transactions on Advanced Computing and Systems

ISSN: 3067-7157 (Online)

Email: [email protected]

Portico

Portico

All published articles are preserved here permanently:
https://www.portico.org/publishers/iece/

Copyright © 2024 Institute of Emerging and Computer Engineers Inc.