Detecting Android Malware: From Neural Embeddings to Hands-On Validation with BERTroid

• URL: http://arxiv.org/abs/2405.03620v2
• Date: Mon, 12 Aug 2024 15:16:15 GMT
• Title: Detecting Android Malware: From Neural Embeddings to Hands-On Validation with BERTroid
• Authors: Meryam Chaieb, Mostafa Anouar Ghorab, Mohamed Aymen Saied,
• Abstract summary: We present BERTroid, an innovative malware detection model built on the BERT architecture. BERTroid emerged as a promising solution for combating Android malware. Our approach has demonstrated promising resilience against the rapid evolution of malware on Android systems.
• Score: 0.38233569758620056
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: As cyber threats and malware attacks increasingly alarm both individuals and businesses, the urgency for proactive malware countermeasures intensifies. This has driven a rising interest in automated machine learning solutions. Transformers, a cutting-edge category of attention-based deep learning methods, have demonstrated remarkable success. In this paper, we present BERTroid, an innovative malware detection model built on the BERT architecture. Overall, BERTroid emerged as a promising solution for combating Android malware. Its ability to outperform state-of-the-art solutions demonstrates its potential as a proactive defense mechanism against malicious software attacks. Additionally, we evaluate BERTroid on multiple datasets to assess its performance across diverse scenarios. In the dynamic landscape of cybersecurity, our approach has demonstrated promising resilience against the rapid evolution of malware on Android systems. While the machine learning model captures broad patterns, we emphasize the role of manual validation for deeper comprehension and insight into these behaviors. This human intervention is critical for discerning intricate and context-specific behaviors, thereby validating and reinforcing the model's findings.

Related papers

• MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
  We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware. We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph. This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
  arXiv  Detail & Related papers  (2024-09-29T07:22:47Z)
• Case Study: Neural Network Malware Detection Verification for Feature and Image Datasets [5.198311758274061]
  We present a novel verification domain that will help to ensure tangible safeguards against adversaries. We describe malware classification and two types of common malware datasets. We outline the challenges and future considerations necessary for the improvement and refinement of the verification of malware classification.
  arXiv  Detail & Related papers  (2024-04-08T17:37:22Z)
• DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness [58.23214712926585]
  We develop a certified defense, DRSM (De-Randomized Smoothed MalConv), by redesigning the de-randomized smoothing technique for the domain of malware detection. Specifically, we propose a window ablation scheme to provably limit the impact of adversarial bytes while maximally preserving local structures of the executables. We are the first to offer certified robustness in the realm of static detection of malware executables.
  arXiv  Detail & Related papers  (2023-03-20T17:25:22Z)
• Adversarial Patterns: Building Robust Android Malware Classifiers [0.9208007322096533]
  In the field of cybersecurity, machine learning models have made significant improvements in malware detection. Despite their ability to understand complex patterns from unstructured data, these models are susceptible to adversarial attacks. This paper provides a comprehensive review of adversarial machine learning in the context of Android malware classifiers.
  arXiv  Detail & Related papers  (2022-03-04T03:47:08Z)
• EvadeDroid: A Practical Evasion Attack on Machine Learning for Black-box Android Malware Detection [2.2811510666857546]
  EvadeDroid is a problem-space adversarial attack designed to effectively evade black-box Android malware detectors in real-world scenarios. We show that EvadeDroid achieves evasion rates of 80%-95% against DREBIN, Sec-SVM, ADE-MA, MaMaDroid, and Opcode-SVM with only 1-9 queries.
  arXiv  Detail & Related papers  (2021-10-07T09:39:40Z)
• MalBERT: Using Transformers for Cybersecurity and Malicious Software Detection [0.0]
  Transformers, a category of attention-based deep learning techniques, have recently shown impressive results in solving different tasks. We propose a model based on BERT (Bi Representations from Transformers) which performs a static analysis on the source code of Android applications. The obtained results are promising and show the high performance obtained by Transformer-based models for malicious software detection.
  arXiv  Detail & Related papers  (2021-03-05T17:09:46Z)
• Adversarial defense for automatic speaker verification by cascaded self-supervised learning models [101.42920161993455]
  More and more malicious attackers attempt to launch adversarial attacks at automatic speaker verification (ASV) systems. We propose a standard and attack-agnostic method based on cascaded self-supervised learning models to purify the adversarial perturbations. Experimental results demonstrate that the proposed method achieves effective defense performance and can successfully counter adversarial attacks.
  arXiv  Detail & Related papers  (2021-02-14T01:56:43Z)
• Being Single Has Benefits. Instance Poisoning to Deceive Malware Classifiers [47.828297621738265]
  We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier. As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger. We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
  arXiv  Detail & Related papers  (2020-10-30T15:27:44Z)
• Enhanced Adversarial Strategically-Timed Attacks against Deep Reinforcement Learning [91.13113161754022]
  We introduce timing-based adversarial strategies against a DRL-based navigation system by jamming in physical noise patterns on the selected time frames. Our experimental results show that the adversarial timing attacks can lead to a significant performance drop.
  arXiv  Detail & Related papers  (2020-02-20T21:39:25Z)
• Adversarial vs behavioural-based defensive AI with joint, continual and active learning: automated evaluation of robustness to deception, poisoning and concept drift [62.997667081978825]
  Recent advancements in Artificial Intelligence (AI) have brought new capabilities to behavioural analysis (UEBA) for cyber-security. In this paper, we present a solution to effectively mitigate this attack by improving the detection process and efficiently leveraging human expertise.
  arXiv  Detail & Related papers  (2020-01-13T13:54:36Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.