DTDroid: Adversarial Packed Android Malware Detection Based on Traffic and Dynamic Behavioral


Abstract:

Android holds an important share of the operating systems of intelligent terminal devices in the Internet of Things (IoT), and malicious Android applications have increased rapidly, posing a serious threat to IoT security. Machine learning has advanced significantly in the detection of Android malware. To protect intellectual property, Android developers have begun to use packing techniques to enhance the security of their applications. However, attackers can also pack their malware, which may make feature extraction ineffective and interfere with the prediction results of learning-based classifiers. To address this issue, we designed and implemented a tool that generates a batch of packed Android applications by dynamically loading the original DEX using a shell DexClassLoader, and we verified that several existing methods fail when faced with packed samples. We therefore propose a novel malware detection method called DTDroid that can resist code packing. DTDroid automatically captures the network traffic characteristics of target samples based on fuzzy testing and network traffic packet extraction. At the same time, the dynamic behavior characteristics of the target application are obtained by monitoring the corresponding runtime function calls and system status. The two types of extracted features are contextually spliced and converted into grayscale images, and detection is then performed with a deep learning model. Experimental results show that the detection accuracy of our method reaches 94.22% and 95.14%, respectively, on two kinds of packed datasets, indicating that DTDroid is more robust to packed samples than the existing methods.
Published in: IEEE Internet of Things Journal (Volume: 12, Issue: 3, 01 February 2025)
Page(s): 2646 - 2658
Date of Publication: 09 October 2024
