An Investigation on Fragility of Machine Learning Classifiers in Android Malware Detection

Rafiq, Husnain, Aslam, Nauman, Issac, Biju and Randhawa, Rizwan Hamid (2022) An Investigation on Fragility of Machine Learning Classifiers in Android Malware Detection. In: IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, Piscataway, US, pp. 1-6. ISBN 9781665409278, 9781665409261

[img]
Preview
Text
INFOCOM_TrickDroid.pdf - Accepted Version

Download (1MB) | Preview
Official URL: https://doi.org/10.1109/INFOCOMWKSHPS54753.2022.97...

Abstract

Machine learning (ML) classifiers have been increasingly used in Android malware detection and countermeasures for the past decade. However, ML based solutions are vulnerable to adversarial evasion attacks. An attacker can craft a malicious sample carefully to fool an underlying pre-trained classifier. In this paper, we highlight the fragility of the ML classifiers against adversarial evasion attacks. We perform mimicry attacks based on Oracle and Generative Adversarial Network (GAN) against these classifiers using our proposed methodology. We use static analysis on Android applications to extract API-based features from a balanced excerpt of a well-known public dataset. The empirical results demonstrate that among ML classifiers, the detection capability of linear classifiers can be reduced as low as 0 by perturbing only up to 4 out of 315 extracted API features. As a countermeasure, we propose TrickDroid, a cumulative adversarial training scheme based on Oracle and GAN-based adversarial data to improve evasion detection. The experimental results of cumulative adversarial training achieves a remarkable detection accuracy of up to 99.46 against adversarial samples.

Item Type: Book Section
Additional Information: Funding information: This work is supported by Northumbria’s Academic Centre of Excellence in Cyber Security Research (ACE-CSR), and we are thankful for the support. The Sixth IEEE International Workshop on the Security, Privacy, and Digital Forensics of Mobile Systems and Networks (MobiSec 2022), in conjunction with IEEE International Conference on Computer Communications, INFOCOM 2022; 2-5 May 2022: MobiSec workshop paper.
Subjects: G400 Computer Science
Department: Faculties > Engineering and Environment > Computer and Information Sciences
Related URLs:
Depositing User: John Coen
Date Deposited: 24 Feb 2022 10:20
Last Modified: 30 Jun 2022 08:00
URI: http://nrl.northumbria.ac.uk/id/eprint/48534

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics