Details

Autor(en) / Beteiligte

• Ge, Ruihai
• Zhang, Yongzheng
• Si, Chengxiang
• Zhou, Guoqiao
• Zhou, Wenchang

Titel

MateGraph: Toward Mobile Malware Detection Through Traffic Behavior Graph

Ist Teil von

• 2022 IEEE 24th Int Conf on High Performance Computing & Communications; 8th Int Conf on Data Science & Systems; 20th Int Conf on Smart City; 8th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys), 2022, p.801-809

Ort / Verlag

IEEE

Erscheinungsjahr

2022

Quelle

IEEE Xplore

Beschreibungen/Notizen

• As the number of interconnected mobile devices increases exponentially, mobile malware poses a severe threat to cyberspace security. Existing techniques utilize network traffic analysis effectively to identify and detect mobile malware. The majority of these solutions concentrate on the statistical features of malicious traffic or the information of key fields in the packet, but fail to take advantage of rich communication patterns throughout the entire network. In this paper, we present MateGraph, a traffic behavior graph-based approach to detect and classify mobile malware. The key insight of our research is that the communication patterns of a mobile application can be modeled as several traffic behavior graphs in Non-Euclidean space, and thus we can differentiate between malicious and benign applications by using graph convolution network models to learn graph topologies and representations. In MateGraph, we first construct a traffic behavior graph from a given chunk of network traffic within a time window, where a node of the graph is defined by a tuple of destination IP and port while an edge is established by the static and dynamic correlation between the nodes. Next, we present an enhanced graph convolution network for discovering the diverse pattern representations of benign and malicious traffic behavior graphs and achieving high detection performance and efficiency. We have conducted experiments on a publicly available dataset to evaluate MateGraph against several state-of-the-art methods, and the experimental results show that MateGraph has a better performance, the F1 score of which reached 96.57% and the accuracy increased by more than 7%.