Top

International Journal of Machine Learning and Cybernetics

Published in:

24-12-2022 | Original Article

Android malware adversarial attacks based on feature importance prediction

Authors: Yanping Guo, Qiao Yan

Published in: International Journal of Machine Learning and Cybernetics | Issue 6/2023

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In the last decade, malicious Android applications have increased rapidly because of the popularity of Android mobile devices. In particular, some Android malware starts to use the adversarial examples generation technology to escape from the detection system. To defend against the adversarial examples of Android malware, researchers need to research the generation of adversarial examples. Meanwhile, substitute models are one of the research topics in machine learning interpretability. In the paper, we propose a new model called p-MalGAN with a Feature Importance Prediction (FIP) module based on MalGAN, a Generative Adversarial Network (GAN) for generating malware adversarial examples. FIP module uses random forest as an substitute model to calculates the importance of features by measuring the correlation between the features and the labels of the detector to predict the features used by the detector, then uses the high-confidence features to generate adversarial examples. Compared with MalGAN, our model overcomes the difficulty of not knowing detector features in realistic scenes. Experimental results show that our method can effectively predict the features of the detector and reduces the difference between the adversarial examples and the original malware with slightly affecting the attack performance.

previous article Global-local information based oversampling for multi-class imbalanced data

next article Pyramid feature boosted network for single image dehazing

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

inform now

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

inform now

https://www.kaggle.com/defensedroid/android-malware-detection.

Christiaan B, Sandeep C, Taylor D, Steve G, Rajiv G, Tracy H, Craig S (2020) McAfee Labs Threat Report. McAfee. https://www.mcafee.com/enterprise/zh-cn/assets/reports/rp-quarterly-threats-nov-2020.pdf. Accessed 6 May 2021

Naval S, Laxmi V, Rajarajan M, Gaur MS, Conti M (2015) Employing program semantics for malware detection. IEEE Trans Inf For Secur. IEEE, New York, pp 2591–2604

Yuan Z, Lu Y, Wang Z, Xue Y (2014) Droid-sec: deep learning in android malware detection. In: Proceedings of the 2014 ACM conference on SIGCOMM. ACM, New York, pp 371–372

Szegedy C, Zaremba W, Sutskever I, Bruna J, Erhan D, Goodfellow I, Fergus R (2013) Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199

Goodfellow IJ, Shlens J, Szegedy C (2014) Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572

Xiao C, Li B, Zhu JY, He W, Liu M, Song D (2018) Generating adversarial examples with adversarial networks. arXiv preprint arXiv:1801.02610

Hu W, Tan Y (2017) Generating adversarial malware examples for black-box attacks based on GAN. arXiv preprint arXiv:1702.05983

Li X, Kong K, Xu S, Qin P, He D (2021) Feature selection-based android malware adversarial sample generation and detection method. In: IET Information Security. pp 401–416

Rathore H, Sahay SK, Nikam P, Sewak M (2021) Robust android malware detection system against adversarial attacks using q-learning. In: Information Systems Frontiers. pp 867–882

10.

Rathore H, Sahay SK, Dhillon J, Sewak M (2021) Designing adversarial attack and defence for robust android malware detection models. 2021 51st annual IEEE/IFIP international conference on dependable systems and networks-supplemental volume (DSN-S). IEEE, New York, pp 29–32CrossRef

11.

Rathore H, Sahay SK, Sewak M (2021) Are android malware detection models adversarially robust? Poster Abstract. In: Proceedings of the 20th international conference on information processing in sensor networks (co-located with CPS-IoT Week 2021). ACM, New York, pp 408–409

12.

Li H, Zhou S, Yuan W, Li J, Leung H (2019) Adversarial-example attacks toward android malware detection system. IEEE Syst J 14(1):653–656CrossRef

13.

Kawai M, Ota K, Dong M (2019) Improved malgan: avoiding malware detector by leaning cleanware features. 2019 international conference on artificial intelligence in information and communication (ICAIIC). IEEE, New York, pp 040–045CrossRef

14.

Melis M, Scalas M, Demontis A, Maiorca D, Biggio B, Giacinto G, Roli F (2022) Do gradient-based explanations tell anything about adversarial robustness to android malware? Int J Mach Learn Cybern. Springer, Berlin, pp 217–232

15.

Enck W, Octeau D, McDaniel PD, Chaudhuri S (2011) A study of android application security. In: USENIX security symposium. pp 2–2

16.

Kovacheva A (2013) Efficient code obfuscation for Android. International conference on advances in information technology. Springer, Berlin, pp 104–119CrossRef

17.

Graux P, Lalande JF, Tong VVT (2019) Obfuscated android application development. In: Proceedings of the third central european cybersecurity conference. ACM, New York, pp 1–6

18.

Bacci A, Bartoli A, Martinelli F, Medvet E, Mercaldo F, Visaggio CA (2018) Impact of code obfuscation on android malware detection based on static and dynamic analysis. In: International conference on information systems security and privacy. pp 379–385

19.

Wu DJ, Mao CH, Wei TE, Lee HM, Wu KP (2012) Droidmat: Android malware detection through manifest and api calls tracing. 2012 seventh Asia joint conference on information security. IEEE, New York, pp 62–69CrossRef

20.

Goodfellow I, Pouget-Abadie J, Mirza M, Xu B, Warde-Farley D, Ozair S, Bengio Y (2020) Generative adversarial networks. Communications of the ACM. ACM, New York, pp 139–144

21.

Hu W, Tan Y (2018) Black-box attacks against RNN based malware detection algorithms. In: LWorkshops at the thirty-second AAAI conference on artificial intelligence. AAAI, California, pp 245–251

22.

Chen B, Ren Z, Yu C et al (2019) Adversarial examples for cnn-based malware detectors. IEEE Access. IEEE, New York, pp 54360–54371

23.

Peng X, Xian H, Lu Q et al (2020) Examples generating adversarial malware, with API semantics-awareness for black-box attacks. In: International symposium on security and privacy in social networks and big data. Springer, Singapore, pp 52–61

24.

Peng X, Xian H, Lu Q, Lu X (2021) Semantics aware adversarial malware examples generation for black-box attacks. Appl Soft Comput 109:107506CrossRef

25.

Wang J, Chang X, Wang Y et al (2021) LSGAN-AT: enhancing malware detector robustness against adversarial examples. Cybersecurity, pp 1–15

26.

Pedregosa F, Varoquaux G, Gramfort A, Michel V, Thirion B, Grisel O, Duchesnay E (2011) Scikit-learn: Machine learning in python. J Mach Learn Res 12:2825–2830

27.

Louppe G (2014) Understanding random forests: From theory to practice. arXiv preprint arXiv:1407.7502

28.

Esmeir S, Markovitch S (2007) Occam’s Razor Just Got Sharper. IJCAI. AAAI, California, pp 768–773

29.

Papernot N, McDaniel P, Goodfellow I et al (2017) Practical black-box attacks against machine learning. In: Proceedings of the 2017 ACM on Asia conference on computer and communications security. ACM, New York, pp 506–519

30.

Cui W, Li X, Huang J, Wang W, Wang S, Chen J (2020) Substitute model generation for black-box adversarial attack based on knowledge distillation. In: 2020 IEEE international conference on image processing (ICIP). IEEE, New York, pp 648–652

31.

Aldahdooh A, Hamidouche W, Fezza SA, Déforges O (2022) Adversarial example detection for DNN models: a review and experimental comparison. In: Artificial Intelligence Review. Springer, Berlin, pp 1–60

32.

Ali A, Gravino C (2022) Evaluating the impact of feature selection consistency in software prediction. Science of Computer Programming, 213, 102715

33.

Kingma DP, Ba J (2014) Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980

34.

Taheri L, Kadir AFA, Lashkari AH (2019) Extensible android malware detection and family classification using network-flows and API-calls. 2019 international Carnahan conference on security technology (ICCST). IEEE, New York, pp 1–8

35.

Wang H, Si J, Li H, Guo Y (2019) Rmvdroid: Towards a reliable android malware dataset with app metadata. 2019 IEEE/ACM 16th international conference on mining software repositories (MSR). IEEE, New York, pp 404–408CrossRef

Title: Android malware adversarial attacks based on feature importance prediction
Authors: Yanping Guo
Qiao Yan
Publication date: 24-12-2022
Publisher: Springer Berlin Heidelberg
Published in: International Journal of Machine Learning and Cybernetics / Issue 6/2023
Print ISSN: 1868-8071
Electronic ISSN: 1868-808X
DOI: https://doi.org/10.1007/s13042-022-01747-9

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelectronics worldwide

ATZelektronik

Other articles of this Issue 6/2023

Multilayer discriminative extreme learning machine for classification

Pyramid feature boosted network for single image dehazing

Twin attentive deep reinforcement learning for multi-agent defensive convoy

Incremental approaches for optimal scale selection in dynamic multi-scale set-valued decision tables

Social activity matching with graph neural network in event-based social networks

Software defect prediction ensemble learning algorithm based on adaptive variable sparrow search algorithm