3.8 Proceedings Paper

On the Deterioration of Learning-Based Malware Detectors for Android

出版社

IEEE
DOI: 10.1109/ICSE-Companion.2019.00110

关键词

-

向作者/读者索取更多资源

Classification using machine learning has been a major class of defense solutions against malware. Yet in the presence of a large and growing number of learning-based malware detection techniques for Android, malicious apps keep breaking out, with an increasing momentum, in various Android app markets. In this context, we ask the question what is it that makes new and emerging malware slip through such a great collection of detection techniques?. Intuitively, performance deterioration of malware detectors could be a main cause-trained on older samples, they are increasingly unable to capture new malware. To understand the question, this work sets off to investigate the deterioration problem in four state-of-the-art Android malware detectors. We confirmed our hypothesis that these existing solutions do deteriorate largely and rapidly over time. We also propose a new classification approach that is built on the results of a longitudinal characterization study of Android apps with a focus on their dynamic behaviors. We evaluated this new approach against the four existing detectors and demonstrated significant advantages of our new solution. The main lesson learned is that studying app evolution provides a promising avenue for long-span malware detection.

作者

我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。

评论

主要评分

3.8
评分不足

次要评分

新颖性
-
重要性
-
科学严谨性
-
评价这篇论文

推荐

暂无数据
暂无数据