Adversarial android malware detection for mobile multimedia applications in IoT environments

In this paper, we propose two defense methods against adversarial attack to a malware detection system for mobile multimedia applications in IoT environments. They are Robust-NN and a combination of convolutional neural network and 1- nearest neighbors(C4N) which modify training data that has been poisoned by an adversarial attack. As a result, the trained machine learning model will be accurate and if the malicious program is entered by any IoT device, the model generates necessary alerts. We provide an explanation of the used attack method and the algorithms proposed to defend against this attack. In order to evaluate the suitability of the proposed defense methods, sufficient analysis is presented, i.e. Drebin, Contagio and Genome datasets which include benign and malware Android apps are applied to perform experiments. To confirm the effectiveness of the suggested defense algorithms, this paper compared their performance with two state-of-the-art defense algorithms used to detect adversarial samples, namely e2SAD and EAT. The experiments are performed on two types of API and Permission features from the mentioned datasets. The results confirm that accuracy rates of classification algorithms decrease to 40% after attack in some cases (related to Drebin dataset by reviewing API feature sets). Additionally, the accuracy rates increase to 94.94% and 96.03% by applying Robust-NN and C4N algorithms, respectively. Therefore, they are comparable with existing cutting-edge defense algorithms. Also, the adversarial attack increased the FPR to 45.81% which will be reduced to 4.84% and 4.15% using Robust-NN and C4N, respectively. Consequently, the proposed methods will be robust against adversarial attacks.

[1]  Ali Dehghantanha,et al.  Trends In Android Malware Detection , 2013, J. Digit. Forensics Secur. Law.

[2]  Ali Dehghantanha,et al.  Fuzzy pattern tree for edge malware detection and categorization in IoT , 2019, J. Syst. Archit..

[3]  Kouichi Sakurai,et al.  Lightweight Classification of IoT Malware Based on Image Recognition , 2018, 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC).

[4]  Ali Feizollah,et al.  Evaluation of machine learning classifiers for mobile malware detection , 2014, Soft Computing.

[5]  Mu Zhang,et al.  Semantics-Aware Android Malware Classification Using Weighted Contextual API Dependency Graphs , 2014, CCS.

[6]  Kang G. Shin,et al.  Large-scale malware indexing using function-call graphs , 2009, CCS.

[7]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[8]  Ragib Hasan,et al.  Probe-IoT: A public digital ledger based forensic investigation framework for IoT , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[9]  Fabio Roli,et al.  Explaining Vulnerabilities of Deep Learning to Adversarial Malware Binaries , 2019, ITASEC.

[10]  Qi Li,et al.  EveDroid: Event-Aware Android Malware Detection Against Model Degrading for IoT Devices , 2019, IEEE Internet of Things Journal.

[11]  Shui Yu,et al.  Multistage Signaling Game-Based Optimal Detection Strategies for Suppressing Malware Diffusion in Fog-Cloud-Based IoT Networks , 2018, IEEE Internet of Things Journal.

[12]  Dong Hoon Lee,et al.  SafeGuard: a behavior based real-time malware detection scheme for mobile multimedia applications in android platform , 2017, Multimedia Tools and Applications.

[13]  Xiao Chen,et al.  Android HIV: A Study of Repackaging Malware for Evading Machine-Learning Detection , 2018, IEEE Transactions on Information Forensics and Security.

[14]  Peng Li,et al.  Efficient Two-Step Adversarial Defense for Deep Neural Networks , 2018, ArXiv.

[15]  Zheng Wang,et al.  Deep Learning-Based Intrusion Detection With Adversaries , 2018, IEEE Access.

[16]  Ali Hamzeh,et al.  A survey on heuristic malware detection techniques , 2013, The 5th Conference on Information and Knowledge Technology.

[17]  Jonathon Shlens,et al.  Explaining and Harnessing Adversarial Examples , 2014, ICLR.

[18]  Myung-Sup Kim,et al.  Linear SVM-Based Android Malware Detection for Reliable IoT Services , 2014, J. Appl. Math..

[19]  Konrad Rieck,et al.  DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket , 2014, NDSS.

[20]  Roberto Caldelli,et al.  Adversarial image detection in deep neural networks , 2018, Multimedia Tools and Applications.

[21]  Houman Homayoun,et al.  Lightweight Node-level Malware Detection and Network-level Malware Confinement in IoT Networks , 2019, 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[22]  Abdelouahid Derhab,et al.  MalDozer: Automatic framework for android malware detection using deep learning , 2018, Digit. Investig..

[23]  Zhi Liu,et al.  Integration of statistical detector and Gaussian noise injection detector for adversarial example detection in deep neural networks , 2019, Multimedia Tools and Applications.

[24]  Dan Boneh,et al.  Ensemble Adversarial Training: Attacks and Defenses , 2017, ICLR.

[25]  Xiaojiang Du,et al.  Adversarial Samples on Android Malware Detection Systems for IoT Systems , 2019, Sensors.