The openness of Android operating system not only brings convenience to users, but also leads to the attack threat from a large number of malicious applications (apps). Thus malware detection has become the research focus in the field of mobile security. In order to solve the problem of more coarse-grained feature selection and larger feature loss of graph structure existing in the current detection methods, we put forward a method named DGCNDroid for Android malware detection, which is based on the deep graph convolutional network. Our method starts by generating a function call graph for the decompiled Android application. Then the function call subgraph containing the sensitive application programming interface (API) is extracted. Finally, the function call subgraphs with structural features are trained as the input of the deep graph convolutional network. Thus the detection and classification of malicious apps can be realized. Through experimentation on a dataset containing 11,120 Android apps, the method proposed in this paper can achieve detection accuracy of 98.2%, which is higher than other existing detection methods.

中文翻译：

---

基于函数调用图结构特征的Android恶意软件检测

Android操作系统的开放性不仅为用户带来了便利，而且还导致了来自大量恶意应用程序（应用程序）的攻击威胁。因此，恶意软件检测已成为移动安全领域的研究重点。为了解决当前检测方法中存在的粗粒度特征选择和图结构特征损失较大的问题，我们提出了一种基于深度图卷积网络的名为DGCNDroid的Android恶意软件检测方法。我们的方法首先为反编译的Android应用程序生成函数调用图。然后，提取包含敏感应用程序编程接口（API）的函数调用子图。最后，具有结构特征的函数调用子图被训练为深度图卷积网络的输入。因此，可以实现对恶意应用的检测和分类。通过对包含11120个Android应用程序的数据集进行实验，本文提出的方法可以达到98.2％的检测准确率，高于其他现有检测方法。