Abstract: |
Detecting malware on mobile devices using the Android operating system has become a critical challenge in the field of cybersecurity, in the context of the rapid increase in the number of malware variants and the frequency of attacks targeting Android devices. In this paper, we propose a novel intelligent computational method to enhance the effectiveness of Android malware detection models. The proposed method combines two main techniques: (1) constructing a malware behavior profile and (2) extracting features from the malware behavior profile using graph neural networks. Specifically, to effectively construct an Android malware behavior profile, this paper proposes an information enrichment technique for the function call graph of malware files, based on new graph-structured features and semantic features of the malware's source code. Additionally, to extract significant features from the constructed behavior profile, the study proposes using the GraphSAGE graph neural network. With this novel intelligent computational method, a variety of significant features of the malware have been effectively represented, synthesized, and extracted. The approach to detecting Android malware proposed in this paper is new and has not been explored in previous research. The experimental results on a dataset of 40,819 pieces of Android software indicate that the proposed method performs well across all metrics, with particularly impressive accuracy and recall scores of 99.03% and 99.19%, respectively, outperforming existing state-of-the-art methods. [ABSTRACT FROM AUTHOR] |