Deep learning based anomaly analysis in cyber threats

  • 黃 獻德

Student thesis: Doctoral Thesis


In the world of the Internet in recent years there have been several phenomena worthy of attention One is the use of smart phones and Android applications (apps) Smart phones are an indispensable part of people's daily lives and Android has become the most popular smart phone operating system because of its openness However its openness makes malware very easy to spread and infect Android devices Pop-ups for Android apps are a powerful tool for maintaining user and app relationships but we can't ignore the security of Android and the nuisance caused by pop-ups in the notification bar Second the economic problems resulting in huge losses for victims and the economy caused by cryptocurrencies are serious The social network websites are flooded with a lot of cryptocurrency related information and the risks and frauds behind it have caused warnings in countries including the United States South Korea and China Corresponding regulations have been formulated but there is no systematic way to help judge risks and fraud In order to cope with the above two phenomena in this study we propose a deep learning based anomaly analysis for cyber threats using deep learning in image recognition and natural language processing to detect Android malicious behavior and fraud on the social network websites We applied the method to Sentiment Analysis Android Malware Detection and Pop-ups Recommendation We first collect user comments from the Facebook Twitter and Telegram Then input the data into the sentiment analysis model built by the Long Short-Term Memory Network (LSTM) + Convolutional Neural Network (CNN) that integrates the sequence dependency and local features to train the model using activation functions (softmax and tanh) to output [-1 1] as emotions where -1 means negative emotions and vice versa On the other hand for the security problem of Android in the case of taking performance as a priority without feature engineering we propose to translate the bytecode of Android's Dalvik core classes dex into color images by color and RGB color code Then using Inception-v3 model does Transfer Learning and outputs the results of its detection of malware Finally in order to improve the click-through rate and user retention rate of app-side ads we developed a pop-up recommendation system for analyzing user behavior through the Deep Neural Network (DNN) For validation we partnered with Leopard Mobile Inc (Cheetah Mobile Taiwan Agency) to collect real data and deploy our approach to our partners' core products including core products such as Security Master Clean Master RatingToken and Coin Master The experiment proves that our research can effectively reduce the risk of online fraud on social network sites Android malware infection and can accurately understand the preference and frequency of users clicking push notifications/pop-ups reducing the trouble for users
Date of Award2019
Original languageEnglish
SupervisorHung-Yu Kao (Supervisor)

Cite this