A Lightweight Context-Based Android Malware Detection Scheme

Mobile device coverage is increasing as the Internet develops faster and faster. Android is becoming the most popular operating system among smartphones, where it is also the most common target for malware. For the research and detection of malware, taint analysis is a very important method. By studying whether the data introduced by the taint source in the application can be directly transmitted to the taint sink without harmless treatment, we can figure out whether the application experiences privacy leaks and other security problems. Traditional dynamic taint flow analysis is needed when real-time applications are running, which occupy a large amount of memory and resources, which is relatively time-consuming and costly. An analysis of static taint involves analyzing the dependencies between program codes without running or altering the underlying code. Existing methods, however, have lower false alarm rates due to their not considering the full features. Moreover, the existing methods require a large number of data sets for training to obtain better results, and long-term training also consumes memory. Therefore, this paper designs a deep learning malware detection scheme based on privilege feature and taint feature, expanding the multidimensional calculation of feature values, constructing the feature value table based on privilege feature, taint source feature, and taint sink feature, and introducing Transformer to analyze and detect it. In this paper, additionally, a small dataset can achieve higher classification results which is a good implementation of malware detection based on the Android platform.