Comprehensive benchmarking of knowledge graph embeddings methods for Android malware detection

Abstract

The rising popularity and open-source model of the Android operating system has made it a main target for attackers creating malware applications. With the mobile industry being an expanding device ecosystem, there is a critical need for developing effective methods to protect against mobile malware. Recognizing the latest approaches and their limitations, we have conducted a comprehensive empirical analysis on the applicability of knowledge graphs for malware detection in view of the influence of the scoring functions, the vector dimension, the stability of the obtained results, the performance of the individual classifiers, and other important time dependencies. In addition, we propose a knowledge-graph based method aimed at improving the quality of classification input data, while offering greater interfacing capabilities with external knowledge and lower computational complexity. The proposed method offers a new perspective on working with Android malware, demonstrating a unique data processing pipeline for malware sample identification and encouraging further innovation in the field. Our findings demonstrate that knowledge graph representation is not only feasible, but also provides well-performing results, remaining competitive with state-of-the-art approaches.