Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security 2020
DOI: 10.1145/3372297.3417291

Enhancing State-of-the-art Classifiers with API Semantics to Detect Evolved Android Malware

Cited by 125 publications (83 citation statements)
References 30 publications

“…model aging, model decays) usually makes trained models fail to function on new testing samples, primarily due to the changed statistical properties of samples over time. The existing work [36]-[38] measured how a model performs over time facing the concept drift, underpinned the root causes for such drift and proposed enhanced approaches to improve the model sustainability. However, active learning typically involves massive labeling for tens of thousands of malware samples, usually at a significant cost of human efforts.…”
Section: Discussion (mentioning)
confidence: 99%
“…A key to achieving high sustainability of a classifier lies in the underlying features being able to differentiate benign apps from malware for a long period. Zhang [28] built an API Graph based on API features to enhance malware classifier performance and slow down model aging with the similarity information among evolved Android malware. Xu [29] Their features include entry points for malicious attack behaviors, permissions, intent filters, and source and sink APIs.…”
Section: Control Flow Graph and Data Flow Graph Features (mentioning)
confidence: 99%
“…Another phenomenon we came across is the aggregation of several datasets that come from different sources such as the case of Zhang et al. [136]. While this helps researchers to obtain more samples, it can change the representativeness of real world scenarios when combined with live feeds, such as those given by VirusShare.…”
Section: Usage Of Android Malware Family Labels (mentioning)
confidence: 99%
“…Euphony [18] and AVCLASS2 [28]. (Euphony and AVCLASS2 were used in Zhang et al. [136] and Sebastian and Caballero [28] consecutively. We do not include them in Table 3 because they were not used when crafting a dataset but, rather, when authors were designing their experiments.)…”
Section: Usage Of Android Malware Family Labels (mentioning)
confidence: 99%