Anakin: explainable android malware detection with graph neural networks.

Bibliographic details
Title: Anakin: explainable android malware detection with graph neural networks.
Authors: Andresini, Giuseppina; Appice, Annalisa; Belvedere, Vincenzo; Fiameni, Giuseppe; Malerba, Donato
Source: Cybersecurity (2523-3246); 2/4/2026, Vol. 9 Issue 1, p1-37, 37p
Abstract: Android OS is today the most used Operating System for mobile devices. However, it is susceptible to several malware attacks that may seriously compromise the privacy and security of individuals and organizations. This paper proposes an approach based on a static analysis of decompiled Android PacKages (APKs) to extract critical APIs and detect Android malware. The main contributions lie in the adoption of a graph-based data engineering schema to represent APIs taken from the Function Call Graphs of decompiled APKs and the formulation of a graph-based deep learning approach for explainable malware detection. In particular, the proposed approach, named ANAKIN, implements a Graph Neural Network (GNN) for binary classification (malware versus goodware), and integrates the GNNExplainer algorithm to disclose how specific API classes and control-flow edges between API calls influence malware alerts. The proposed approach was evaluated by considering 26,527 Android APKs. The results of an extensive and in-depth evaluation show that the presented GNN model achieves higher accuracy than deep neural models trained with traditional API call sequence representations and publicly available related methods. On the other hand, it produces decision explanations that yield interesting insights into the malicious patterns of APKs and support root cause analysis of missed malware alarms. [ABSTRACT FROM AUTHOR]
Database: Complementary Index