ABSTRACT
Malware analysis and detection is a rat race between malware designers and the anti-malware community. Most current smartphone antivirus products are based on signature, heuristic and behaviour-based mechanisms, which are unable to detect advanced polymorphic and metamorphic malware. Recently, researchers have developed state-of-the-art Android malware detection systems based on machine learning and deep learning. However, these models are prone to adversarial attacks, which threaten the anti-malware ecosystem. Therefore, in this work, we are investigating the robustness of Android malware detection models against adversarial attacks. We crafted adversarial attacks using reinforcement learning against detection models built using a variety of machine learning (classical, bagging, boosting) and deep learning algorithms. We are designing two adversarial attack strategies, namely single-policy and multi-policy attacks, for white-box and grey-box scenarios, which are defined by the adversary's knowledge of the system. We designed the attack using Q-learning, in which malicious applications are modified to generate variants that force the detection models to misclassify them. The goal of the attack policy is to convert the maximum number of Android applications (such that they are misclassified) with the minimum number of modifications while maintaining the functional and behavioural integrity of the applications. Preliminary results show an average fooling rate of around 40% across twelve distinct detection models based on different classification algorithms. We are also designing defences against these adversarial attacks using model retraining and distillation.
Index Terms
Adversarial attacks on malware detection models for smartphones using reinforcement learning: PhD forum abstract