On Impact of Adversarial Evasion Attacks on ML-based Android Malware Classifier Trained on Hybrid Features

HUSNAIN RAFIQ, Nauman Aslam, Biju Issac, Rizwan Hamid Randhawa

Research output: Chapter in Book/Report/Conference proceedingConference proceeding (ISBN)peer-review

2 Citations (Scopus)

Abstract

Due to the widespread usage of Android-based smartphones in the current era, Android malware has become a significant concern. From the perspective of t he a dvances in machine learning-based approaches in the previous decade, the research community has shown a dominant interest in applying these to counter Android malware. However, these ML-based classifiers are vulnerable to attacks. An attacker can deliberately fabricate the input application to force the classification algorithm to produce the desired output (evasion attack). In this study, first, w e propose HybridDroid, a n M L-based Android malware classifier trained o n hybrid features a nd optimized using the tree-based pipeline optimization technique (TPOT). Our experiments show that HybriDroid achieves a remarkable detection accuracy of up to 99.2% on a balanced excerpt of 36,000 malware and benign Android apps. Secondly, we explore the effectiveness of the proposed model in adversarial environments. We apply mimicry attacks, feature removal attacks and feature removal with injection attacks on HybriDroid. Our experiments reveal that ML-based malware classifiers are highly vulnerable to adversarial evasion attacks. Finally, we propose future directions to harden the security of ML-based Android malware classifiers in adversarial settings.
Original languageEnglish
Title of host publication14th International Conference on Software, Knowledge, Information Management and Applications (SKIMA)
Pages216-221
Number of pages6
ISBN (Electronic)9781665493345
DOIs
Publication statusPublished - 2 Dec 2022
Event14th International Conference on Software, Knowledge, Information Management and Applications - Phnom Penh, Cambodia
Duration: 2 Dec 20224 Dec 2022

Publication series

NameInternational Conference on Software, Knowledge Information, Industrial Management and Applications, SKIMA
Volume2022-December
ISSN (Print)2373-082X
ISSN (Electronic)2573-3214

Conference

Conference14th International Conference on Software, Knowledge, Information Management and Applications
Country/TerritoryCambodia
CityPhnom Penh
Period2/12/224/12/22

Keywords

  • Adversarial attacks
  • Android
  • Hybrid analysis
  • Machine learning
  • Malware

Fingerprint

Dive into the research topics of 'On Impact of Adversarial Evasion Attacks on ML-based Android Malware Classifier Trained on Hybrid Features'. Together they form a unique fingerprint.

Cite this