CBAM-CGRU-SVM based Android malware detection method

doi:10.11772/j.issn.1001-9081.2023050708

Journal of Computer Applications ›› 0, Vol. ›› Issue (): 0-0.DOI: 10.11772/j.issn.1001-9081.2023050708

Received:2023-06-04 Revised:2023-09-18 Online:2023-10-27 Published:2023-10-27
Supported by:
Shanxi Province Basic Research Program of China;Shanxi Province Basic Research Program of China

基于CBAM-CGRU-SVM的Android恶意软件检测方法

孙敏,成倩,丁希宁

山西大学

通讯作者: 孙敏
基金资助:
山西省基础研究计划项目;山西省基础研究计划项目

Abstract

Abstract: As the type and amount of Android malware continues to grow, it becomes increasingly important to detect malware to protect system security and user privacy. A CBAM-CGRU-SVM model based on Convolutional Neural Networks (CNN) and Gated Recurrent Unit (GRU) is proposed to address the problem of low classification accuracy of traditional malware detection models. In this model, more key features of malware are first learned by adding a Convolutional Block Attention Module (CBAM) to the convolutional neural network, and then GRU units are vemployed to further extract features. In order to solve the problem of insufficient generalization ability of the model when performing image classification, the model finally uses Support Vector Machine (SVM) instead of softmax activation function as the classification function of the model. The experiments use the malimg public dataset, which images malware data as model input. The experimental results show that the classification accuracy of CBAM-CGRU-SVM model reaches 94.73%, which can effectively classify malware families.

Key words: Keywords: malware, Convolutional neural networks (CNN), CBAM, Gated circulation unit (GRU), Support vector machines (SVM)

摘要： 随着Android恶意软件的种类和数量不断增多，检测恶意软件以保护系统安全和用户隐私变得越来越重要。针对传统的恶意软件检测模型分类准确率较低的问题，提出了一种基于卷积神经网络(CNN)和门控循环单元(GRU)的CBAM-CGRU -SVM模型。该模型中，首先通过在卷积神经网络中添加卷积块注意力模块(CBAM)，来学习更多恶意软件的关键特征，然后采用GRU单元进一步提取特征。为了解决进行图像分类时模型泛化能力不足的问题，模型最后使用支持向量机(SVM)代替softmax激活函数作为模型的分类函数。实验使用了Malimg公开数据集，该数据集将恶意软件数据图像化作为模型输入。实验结果表明，CBAM-CGRU-SVM模型分类准确率达到94.73%，能够更有效地对恶意软件家族进行分类。

关键词: 关键词: 恶意软件, 卷积神经网络, CBAM, 门控循环单元, 支持向量机

CLC Number:

TP309.5

孙敏成倩丁希宁. 基于CBAM-CGRU-SVM的Android恶意软件检测方法[J]. 《计算机应用》唯一官方网站, 0, (): 0-0.

[1]	Yanan LI, Mengyang GUO, Guojun DENG, Yunfeng CHEN, Jianji REN, Yongliang YUAN. Method for life prediction of parallel branching engine based on multi-modal fusion features [J]. Journal of Computer Applications, 2026, 46(1): 305-313.
[2]	Lijin YAO, Di ZHANG, Piyu ZHOU, Zhijian QU, Haipeng WANG. Transformer and gated recurrent unit-based de novo sequencing algorithm for phosphopeptides [J]. Journal of Computer Applications, 2026, 46(1): 297-304.
[3]	Dengran REN, Shuying WANG. Nested named entity recognition model for wind power equipment based on differential boundary enhancement [J]. Journal of Computer Applications, 2025, 45(9): 2798-2805.
[4]	Hongjun ZHANG, Gaojun PAN, Hao YE, Yubin LU, Yiheng MIAO. Multi-source heterogeneous data analysis method combining deep learning and tensor decomposition [J]. Journal of Computer Applications, 2025, 45(9): 2838-2847.
[5]	Chao SHI, Yuxin ZHOU, Qian FU, Wanyu TANG, Ling HE, Yuanyuan LI. Action recognition algorithm for ADHD patients using skeleton and 3D heatmap [J]. Journal of Computer Applications, 2025, 45(9): 3036-3044.
[6]	Peng PENG, Ziting CAI, Wenling LIU, Caihua CHEN, Wei ZENG, Baolai HUANG. Speech emotion recognition method based on hybrid Siamese network with CNN and bidirectional GRU [J]. Journal of Computer Applications, 2025, 45(8): 2515-2521.
[7]	Jinhao LIN, Chuan LUO, Tianrui LI, Hongmei CHEN. Thoracic disease classification method based on cross-scale attention network [J]. Journal of Computer Applications, 2025, 45(8): 2712-2719.
[8]	Yongpeng TAO, Shiqi BAI, Zhengwen ZHOU. Neural architecture search for multi-tissue segmentation using convolutional and transformer-based networks in glioma segmentation [J]. Journal of Computer Applications, 2025, 45(7): 2378-2386.
[9]	Yingjun ZHANG, Weiwei YAN, Binhong XIE, Rui ZHANG, Wangdong LU. Gradient-discriminative and feature norm-driven open-world object detection [J]. Journal of Computer Applications, 2025, 45(7): 2203-2210.
[10]	Zonghang WU, Dong ZHANG, Guanyu LI. Multimodal fusion recommendation algorithm based on joint self-supervised learning [J]. Journal of Computer Applications, 2025, 45(6): 1858-1868.
[11]	Yufei LONG, Yuchen MOU, Ye LIU. Multi-source data representation learning model based on tensorized graph convolutional network and contrastive learning [J]. Journal of Computer Applications, 2025, 45(5): 1372-1378.
[12]	Dan WANG, Wenhao ZHANG, Lijuan PENG. Channel estimation of reconfigurable intelligent surface assisted communication system based on deep learning [J]. Journal of Computer Applications, 2025, 45(5): 1613-1618.
[13]	Haijun GENG, Yun DONG, Zhiguo HU, Haotian CHI, Jing YANG, Xia YIN. Encrypted traffic classification method based on Attention-1DCNN-CE [J]. Journal of Computer Applications, 2025, 45(3): 872-882.
[14]	Baohua YUAN, Jialu CHEN, Huan WANG. Medical image segmentation network integrating multi-scale semantics and parallel double-branch [J]. Journal of Computer Applications, 2025, 45(3): 988-995.
[15]	Dixin WANG, Jiahao WANG, Min LI, Hao CHEN, Guangyao HU, Yu GONG. Abnormal attack detection for underwater acoustic communication network [J]. Journal of Computer Applications, 2025, 45(2): 526-533.