On the Deterioration of Learning-Based Malware Detectors for Android

Fu, Xiaoqin; Cai, Haipeng

doi:10.1109/icse-companion.2019.00110

Cited by 44 publications

(32 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The resulting metrics are then used as features to train a classifier. We expect this evolution-informed classifier to achieve and sustain high classification accuracy over time, based on our prior works in this regard [17,18,29].…”

Section: Proactive Applications/toolsmentioning

confidence: 99%

“…Meanwhile, this rapid evolution also causes challenges to mobile software engineers in developing and maintaining quality app products, and hence challenges to users concerning the usability and security of resulting mobile software. Two prominent examples of such evolution-induced challenges, among many others, are the quick deterioration of security defense tools for Android [10,14,16,29] and extensive compatibility issues with Android apps [23,50].…”

mentioning

confidence: 99%

See 1 more Smart Citation

Embracing mobile app evolution via continuous ecosystem mining and characterization

Cai

2020

Proceedings of the IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems

Self Cite

View full text Add to dashboard Cite

While an indicator of its vibrancy, the rapid evolution of a mobile ecosystem also causes challenges to mobile software engineers in developing and maintaining quality products, and to users concerning the usability and security of resulting apps. In this context, it is crucially important to arm mobile software engineers with effective and practical tool support that is informed and enabled by a comprehensive understanding of the evolutionary dynamics of this ecosystem. Targeting Android, we envision to build an infrastructure that is capable of systematically and continuously mining a mobile software ecosystem. Using this infrastructure, we then perform large-scale longitudinal characterization studies of the ecosystem to understand its evolutionary dynamics with a focus on the behavioral evolution patterns of, and ecological interaction among, three ecosystem elements: the mobile platforms, user apps built on the platforms, and users associated with the apps (including end users and developers). Further, the characterization results enable proactive app quality and sustainable app security. We also report our current progress in this effort with initial results, and discuss risks and next steps. CCS CONCEPTS • Software and its engineering → Software evolution; Maintaining software;

show abstract

Section: Proactive Applications/toolsmentioning

confidence: 99%

mentioning

confidence: 99%

Embracing mobile app evolution via continuous ecosystem mining and characterization

Cai

2020

Proceedings of the IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems

Self Cite

View full text Add to dashboard Cite

show abstract

“…To understand the overtime classification performance of existing malware detection solutions, we chose six state-of-the-art malware detectors for Android. The baseline malware detectors for Android investigated are the two state-of-the-art dynamic app classifiers DroidSpan (Fu and Cai, 2019), Afonso (Afonso et al, 2015) and four state-of-the-art static approaches Ma-maDroid (Mariconti et al, 2017), DroidSieve (Suarez-Tangil et al, 2017), DroidAPIMiner (Aafer et al, 2013), Reveal-Droid (Garcia et al, 2018). MamaDroid and DroidAPIMiner uses features based on API calls in an app, extracted through static analysis.…”

Section: Towards Sustainable Android Malware Detectionmentioning

confidence: 99%

“…All the 16 datasets are mutually disjoint (there were no apps shared by any two datasets). The datasets are the same dataset used by DroidSpan (Fu and Cai, 2019) in investigating the deterioration of learning-based malware detectors for Android. Table 11 lists the F1 accuracy of each of the eight independent tests (noted in the first column) achieved by the proposed four security rules.…”

Section: Towards Sustainable Android Malware Detectionmentioning

confidence: 99%

Security-oriented view of app behaviour using textual descriptions and user-granted permission requests

Olukoya

Mackenzie

Omoronyia

2020

Computers & Security

View full text Add to dashboard Cite

One of the major Android security mechanisms for enforcing restrictions on the core facilities of a device that an app can access is permission control. However, there is an enormous amount of risk with regards to granting permissions since 97% of malicious mobile malware targets Android. As malware is becoming more complicated, recent research proposed a promising approach that checks implemented app behaviour against advertised app behaviour for inconsistencies. In this paper, we investigate such inconsistencies by matching the permission an app requests with the natural language descriptions of the app which gives an intuitive idea of user expected behaviour of the app. Then, we propose exploiting an enhanced app description to improve malware detection based on app descriptions and permissions. To evaluate the performance, we carried out various experiments with 56K apks. Our proposed enhancement reduces the false positives of the state-of-the-art approaches, Whyper, AutoCog, CHABADA by at least 87%, and TAPVerifier by at least 57%. We proposed a novel approach for evaluating the robustness of textual descriptions for permission-based malware detection. Our experimental results demonstrate a high detection recall rate of 98.72% on 71 up-to-date malware families and a precision of 90% on obfuscated samples of benign and malware apks. Our results also show that analysing sensitive permissions requested and UI textual descriptions provides a promising avenue for sustainable Android malware detection.

show abstract

“…But it is not easy. In [5], the classification of applications is depending on the credence that malicious software can be determined, based on the confidence that, he proposed a machine learning system. But its accuracy was very low.…”

Section: Introductionmentioning

confidence: 99%

Enhancement of Surface Roughness and Corrosion Resistance of Wedmed Al 7075 Alloy

Rajnaveen*,

Rambabu,

Naik

et al. 2019

IJRTE

View full text Add to dashboard Cite

Android Malware is pernicious software. It is configured to attack the hardware such as android or mobile phone or smart phone. It is designed to exploit the flaw in specific mobile phone software technologies and operating systems. Nowadays, the mobile phone is the number one most vulnerable to malware attacks. Malware can be in the form of adware, Trojans, viruses, root kits and spyware. They delete important documents or steal protected data or bring software that is not authorized by the user. To solve this problem you need to categorize the applications on the mobile. The techniques used in machine learning are used here to differentiate between applications in mobile as good or bad. In this paper, present two methods as using the Genetic algorithm for feature selection and the Nearest Neighbor for classification.

show abstract

On the Deterioration of Learning-Based Malware Detectors for Android

Cited by 44 publications

References 7 publications

Embracing mobile app evolution via continuous ecosystem mining and characterization

Embracing mobile app evolution via continuous ecosystem mining and characterization

Security-oriented view of app behaviour using textual descriptions and user-granted permission requests

Enhancement of Surface Roughness and Corrosion Resistance of Wedmed Al 7075 Alloy

Contact Info

Product

Resources

About