A hybrid approach for Android malware detection using improved multi-scale convolutional neural networks and residual networks

The open-source nature of Android, along with its coarse-grained permission management and widespread use, has heightened its vulnerability to malware threats. However, many traditional approaches face limitations in extracting comprehensive features, which hinders accurate and efficient Android malware detection. In this paper, we propose an effective hybrid approach combining an improved multi-scale convolutional neural network (MSCNN) with residual networks (ResNet) to defend against Android malware. The approach comprises an enhanced feature extraction network and a detection network. Initially, we introduce MSCNN, a novel deep learning model for comprehensive feature extraction. The MSCNN extends into three branches at distinct levels, concatenating features from low to high dimensions. This multilevel structure preserves rich semantic features while avoiding complex feature selection and analysis. Further, ResNet is employed as the detection network, and the hybrid models’ performance is evaluated by comparison with a single ResNet. Finally, we validate the effectiveness of our approach by comparing our experimental results with state-of-the-arts. The experimental results show our approach effectively detects Android malware with high accuracy (99.20%) and precision (99.49%), and utilizing MSCNN as a multilevel feature extraction network significantly enhances the performance of the hybrid models, particularly, the F1-Score of MSCNN+ResNet18 increases by 4.8%. •Propose an improved MSCNN model extracting features from various data levels.•Design hybrid models combining MSCNN with GRU, ResNet18, ResNet34 and ResNet50.•MSCNN acts as upper feature extraction layer.•GRU, ResNet18, ResNet34 and ResNet50 as detection network, respectively.•Our approach detects Android malware, and enhances the hybrid model performance.