论文信息 - How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack

How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack

Android malware, is one of the most serious threats to mobile security. Today, machine learning-based approach is one of the most promising approaches in detecting Android malware. However, our previous experiments show that sophisticated attackers can craft large-scale Android malware to pollute training data and pose an automated poisoning attack on machine learning-based malware detection systems (e.g., Drebin, Droidapiminer, Stormdroid, and Mamadroid), and eventually mislead the detection tools. We further examine how machine learning classifiers can be mislead under four different attack models and significantly reduce detection accuracy. Apart from Android malware, to better protect mobile devices, we also discuss a general threat model of Android devices to investigate the capabilities of different attackers.

[1] Ananthram Swami,et al. The Limitations of Deep Learning in Adversarial Settings , 2015, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[2] Gianluca Stringhini,et al. MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version) , 2016, NDSS 2017.

[3] Minhui Xue,et al. StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware , 2016, AsiaCCS.

[4] Joan Bruna,et al. Intriguing properties of neural networks , 2013, ICLR.

[5] Lingling Fan,et al. A Large-Scale Empirical Study on Industrial Fake Apps , 2019, 2019 IEEE/ACM 41st International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP).

[6] Lingling Fan,et al. POSTER: Accuracy vs. Time Cost: Detecting Android Malware through Pareto Ensemble Pruning , 2016, CCS.

[7] Minhui Xue,et al. Towards adversarial detection of mobile malware: poster , 2016, MobiCom.

[8] Lingling Fan,et al. Are mobile banking apps secure? what can be improved? , 2018, ESEC/SIGSOFT FSE.

[9] Heng Yin,et al. DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android , 2013, SecureComm.

[10] Konrad Rieck,et al. DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket , 2014, NDSS.

[11] Bo Li,et al. Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach , 2017, Comput. Secur..