Android malware detection as a Bi-level problem

Malware detection is still a very challenging topic in the cybersecurity field. This mainly due to use of obfuscation techniques. To solve this issue, researchers proposed extract frequent API (Application Programming Interface) call sequences and then them as behavior indicators. Several methods aiming at generating malware rules have been with goal come up set that able accurately detect malicious code patterns. However, generation process heavily depends on training database content which will affect rate model when confronted new variants In order assess rule’s accuracy, we need execute rule whole makes quality evaluation sensitive content. suggest paper consider BLOP (Bi-Level Optimization Problem), where lower-level optimization task embedded within upper-level one. The generate form of: trees combined Those are not only real patterns from base examples but also artificial generated by lower-level. aims escape upper-level. An efficient co-evolutionary algorithm adopted search engine ensure both levels. Such an automated competition between two levels our method BMD (Bi-level Detection) produce effective capable detecting predictable behaviors addition existing ones. Based statistical analysis experimental results, has shown its merits compared several relevant state-of-the-art techniques different Android datasets.