Towards sustainable Android malware detection
暂无分享,去创建一个
Approaches to Android malware detection built on supervised learning are commonly subject to frequent retraining, or the trained classifier may fail to detect newly emerged or emerging kinds of malware. This work targets a sustainable Android malware detector that, once trained on a dataset, can continue to effectively detect new malware without retraining. To that end, we investigate how the behaviors of benign and malicious apps evolve over time, and identify the most consistently discriminating behavioral traits of benign apps from malware. Our preliminary results reveal a promising prospect of this approach. On a benchmark set across seven years, our approach achieved highly competitive detection accuracy that sustained up to five years, outperforming the state of the art which sustained up to two years.
[1] Haipeng Cai,et al. Understanding Android Application Programming and Security: A Dynamic Study , 2017, 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME).
[2] Haipeng Cai,et al. DroidFax: A Toolkit for Systematic Characterization of Android Applications , 2017, 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME).
[3] Gianluca Stringhini,et al. MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models (Extended Version) , 2016, NDSS 2017.