We propose the Malceiver, a hierarchical Perceiver model for Android malware detection that makes use of multi-modal features. The primary inputs are the opcode sequence and the requested permissions of a given Android APK file. To reach a malware classification decision, the model combines hierarchical features extracted from the opcode sequence with the requested permissions. The model's architecture is based on the Perceiver/PerceiverIO, which allows very long opcode sequences to be processed efficiently. Our proposed model can be easily extended to use multi-modal features. We show experimentally that this model outperforms a conventional CNN architecture for opcode-sequence-based malware detection. We then show that using additional modalities improves performance. Our proposed architecture opens new avenues for the use of Transformer-style networks in malware research.