In recent years, the number of malware on the Android platform has been increasing, and with the widespread use of code obfuscation technology, the accuracy of antivirus software and traditional detection algorithms is low. Current state-of-the-art research shows that researchers started applying deep learning methods for malware detection. We proposed an Android malware detection algorithm based on a hybrid deep learning model which combines deep belief network (DBN) and gate recurrent unit (GRU). First of all, analyze the Android malware; in addition to extracting static features, dynamic behavioral features with strong antiobfuscation ability are also extracted. Then, build a hybrid deep learning model for Android malware detection. Because the static features are relatively independent, the DBN is used to process the static features. Because the dynamic features have temporal correlation, the GRU is used to process the dynamic feature sequence. Finally, the training results of DBN and GRU are input into the BP neural network, and the final classification results are output. Experimental results show that, compared with the traditional machine learning algorithms, the Android malware detection model based on hybrid deep learning algorithms has a higher detection accuracy, and it also has a better detection effect on obfuscated malware.

中文翻译：

---

基于混合深度学习模型的Android恶意软件检测

近年来，Android平台上的恶意软件数量一直在增加，并且随着代码混淆技术的广泛使用，防病毒软件和传统检测算法的准确性较低。当前的最新研究表明，研究人员已开始将深度学习方法用于恶意软件检测。我们提出了一种基于混合深度学习模型的Android恶意软件检测算法，该模型结合了深度信念网络（DBN）和门递归单元（GRU）。首先，分析Android恶意软件；除了提取静态特征之外，还提取具有强大的抗混淆能力的动态行为特征。然后，构建用于Android恶意软件检测的混合深度学习模型。因为静态特征是相对独立的，所以使用DBN来处理静态特征。由于动态特征具有时间相关性，因此GRU用于处理动态特征序列。最后，将DBN和GRU的训练结果输入BP神经网络，并输出最终的分类结果。实验结果表明，与传统的机器学习算法相比，基于混合深度学习算法的Android恶意软件检测模型具有更高的检测精度，并且对混淆后的恶意软件具有更好的检测效果。