Integrating a Knowledge Graph Into Malware Detection Systems
摘要
Detecting Android malware in an effective way requires more than just looking at individual behavioral features, as the previous studies did in the last few years - we also need to understand the relationships between the Android application components. In this research study, we introduce a knowledge-graph integrated framework that combines system-call interactions and inter-app bindings into a combined knowledge network. We apply graph embedding techniques to this structure and integrate the results with established behavioral features, our approach reveals latent patterns that frequency-based methods typically miss. In the real-world experiment on a large, real-world dataset of multiple Android applications, the our model showed substantial improvements over baseline classifiers. These results emphasize the value of relational insights and draw a future research direction toward more resilient, graph-aware mobile security solutions.