Experimental Study with Real-world Data for Android App Security Analysis using Machine Learning

Proceedings of the 31st Annual Computer Security Applications Conference Pub Date : 2015-12-07 DOI:10.1145/2818000.2818038

Sankardas Roy, J. DeLoach, Yuping Li, Nic Herndon, Doina Caragea, Xinming Ou, Venkatesh Prasad Ranganath, Hongmin Li, Nicolais Guevara

{"title":"Experimental Study with Real-world Data for Android App Security Analysis using Machine Learning","authors":"Sankardas Roy, J. DeLoach, Yuping Li, Nic Herndon, Doina Caragea, Xinming Ou, Venkatesh Prasad Ranganath, Hongmin Li, Nicolais Guevara","doi":"10.1145/2818000.2818038","DOIUrl":null,"url":null,"abstract":"Although Machine Learning (ML) based approaches have shown promise for Android malware detection, a set of critical challenges remain unaddressed. Some of those challenges arise in relation to proper evaluation of the detection approach while others are related to the design decisions of the same. In this paper, we systematically study the impact of these challenges as a set of research questions (i.e., hypotheses). We design an experimentation framework where we can reliably vary several parameters while evaluating ML-based Android malware detection approaches. The results from the experiments are then used to answer the research questions. Meanwhile, we also demonstrate the impact of some challenges on some existing ML-based approaches. The large (market-scale) dataset (benign and malicious apps) we use in the above experiments represents the real-world Android app security analysis scale. We envision this study to encourage the practice of employing a better evaluation strategy and better designs of future ML-based approaches for Android malware detection.","PeriodicalId":338725,"journal":{"name":"Proceedings of the 31st Annual Computer Security Applications Conference","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"68","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 31st Annual Computer Security Applications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2818000.2818038","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 68

Abstract

Although Machine Learning (ML) based approaches have shown promise for Android malware detection, a set of critical challenges remain unaddressed. Some of those challenges arise in relation to proper evaluation of the detection approach while others are related to the design decisions of the same. In this paper, we systematically study the impact of these challenges as a set of research questions (i.e., hypotheses). We design an experimentation framework where we can reliably vary several parameters while evaluating ML-based Android malware detection approaches. The results from the experiments are then used to answer the research questions. Meanwhile, we also demonstrate the impact of some challenges on some existing ML-based approaches. The large (market-scale) dataset (benign and malicious apps) we use in the above experiments represents the real-world Android app security analysis scale. We envision this study to encourage the practice of employing a better evaluation strategy and better designs of future ML-based approaches for Android malware detection.

查看原文本刊更多论文

基于真实世界数据的机器学习Android应用安全分析实验研究

尽管基于机器学习(ML)的方法在Android恶意软件检测方面显示出了前景，但一系列关键挑战仍未得到解决。其中一些挑战与检测方法的适当评估有关，而另一些挑战则与检测方法的设计决策有关。在本文中，我们系统地研究了这些挑战的影响，作为一组研究问题(即假设)。我们设计了一个实验框架，在评估基于ml的Android恶意软件检测方法时，我们可以可靠地改变几个参数。然后用实验结果来回答研究问题。同时，我们也展示了一些挑战对一些现有的基于机器学习的方法的影响。我们在上述实验中使用的大型(市场规模)数据集(良性和恶意应用程序)代表了现实世界的Android应用程序安全分析规模。我们设想这项研究可以鼓励采用更好的评估策略和更好的设计未来基于机器学习的Android恶意软件检测方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 31st Annual Computer Security Applications Conference

自引率

0.00%

发文量