CITADEL: A Semi-Supervised Active Learning Framework for Malware Detection Under Continuous Distribution Drift
- URL: http://arxiv.org/abs/2511.11979v1
- Date: Sat, 15 Nov 2025 01:34:15 GMT
- Title: CITADEL: A Semi-Supervised Active Learning Framework for Malware Detection Under Continuous Distribution Drift
- Authors: Md Ahsanul Haque, Md Mahmuduzzaman Kamol, Ismail Hossain, Suresh Kumar Amalapuram, Vladik Kreinovich, Mohammad Saidur Rahman
- Abstract summary: We propose CITADEL, a robust semi-supervised active learning framework for Android malware detection. We introduce malware-specific augmentations, Bernoulli bit flips and masking, that simulate realistic drift behaviors. We show that CITADEL outperforms prior work, achieving F1 score of over 1%, 3%, 7%, and 14% respectively, using only 40% labeled samples.
- Score: 2.6040598178524106
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Android malware evolves rapidly, leading to concept drift that degrades the performance of traditional machine learning (ML)-based detection systems. While recent approaches incorporate active learning and hierarchical contrastive loss to handle this drift, they remain fully supervised, computationally expensive, and perform poorly on real-world datasets with long temporal spans. In particular, our evaluation highlights these limitations, particularly on LAMDA, a 12-year longitudinal dataset exhibiting substantial distributional shifts. Moreover, manual expert labeling cannot scale with the daily emergence of over 450,000 new malware samples, leaving most samples unlabeled and underutilized. To address these challenges, we propose CITADEL, a robust semi-supervised active learning framework for Android malware detection. To bridge the gap between image-domain semi-supervised learning and binary feature representations of malware, we introduce malware-specific augmentations, Bernoulli bit flips and masking, that simulate realistic drift behaviors. CITADEL further integrates supervised contrastive loss to improve boundary sample discrimination and combines it with a multi-criteria active learning strategy based on prediction confidence, $L_p$-norm distance, and boundary uncertainty, enabling effective adaptation under limited labeling budgets. Extensive evaluation on four large-scale Android malware benchmarks -- APIGraph, Chen-AZ, MaMaDroid, and LAMDA -- demonstrates that CITADEL outperforms prior work, achieving F1 score of over 1%, 3%, 7%, and 14% respectively, using only 40% labeled samples. Furthermore, CITADEL shows significant efficiency over prior work, incurring $24\times$ faster training and $13\times$ fewer operations.
Related papers
- LEAD-Drift: Real-time and Explainable Intent Drift Detection by Learning a Data-Driven Risk Score [0.0]
"Intent drift" is where a network deviates from its intended goal, often leading to silent failures. We propose LEAD-Drift, a framework that detects intent drift in real time to enable proactive failure prevention. Our evaluation shows LEAD-Drift provides significantly earlier warnings, improving the average lead time by 7.3 minutes.
arXiv Detail & Related papers (2026-02-14T08:46:12Z)
- Contamination Detection for VLMs using Multi-Modal Semantic Perturbation [73.76465227729818]
Open-source Vision-Language Models (VLMs) have achieved state-of-the-art performance on benchmark tasks. Pretraining corpora raise a critical concern for both practitioners and users: inflated performance due to test-set leakage. We show that existing detection approaches either fail outright or exhibit inconsistent behavior. We propose a novel simple yet effective detection method based on multi-modal semantic perturbation.
arXiv Detail & Related papers (2025-11-05T18:59:52Z)
- Adversarial Augmentation and Active Sampling for Robust Cyber Anomaly Detection [1.102914654802229]
Advanced Persistent Threats (APTs) present a considerable challenge to cybersecurity due to their stealthy, long-duration nature. Traditional supervised learning methods typically require large amounts of labeled data, which is often scarce in real-world scenarios. This paper introduces a novel approach that combines AutoEncoders for anomaly detection with active learning to iteratively enhance APT detection.
arXiv Detail & Related papers (2025-09-05T10:47:49Z)
- DRMD: Deep Reinforcement Learning for Malware Detection under Concept Drift [17.324132213093872]
We develop a novel formulation of malware detection as a one-step Markov Decision Process. We train a deep reinforcement learning (DRL) agent, simultaneously optimizing sample classification performance and rejecting high-risk samples for manual labeling. Our results demonstrate for the first time that DRL can facilitate effective malware detection and improved resiliency to concept drift.
arXiv Detail & Related papers (2025-08-26T09:15:33Z)
- ADAPT: A Pseudo-labeling Approach to Combat Concept Drift in Malware Detection [0.8192907805418583]
Adapting machine learning models to changing data distributions requires frequent updates. We introduce ADAPT, a novel pseudo-labeling semi-supervised algorithm for addressing concept drift.
arXiv Detail & Related papers (2025-07-11T13:47:07Z)
- LAMDA: A Longitudinal Android Malware Benchmark for Concept Drift Analysis [5.895643771545453]
LAMDA is the largest and most temporally diverse Android malware benchmark to date. It reflects the natural distribution and evolution of real-world Android applications. It enables in-depth research into temporal drift, generalization, explainability, and evolving detection challenges.
arXiv Detail & Related papers (2025-05-24T06:36:39Z)
- Revisiting Concept Drift in Windows Malware Detection: Adaptation to Real Drifted Malware with Minimal Samples [10.352741619176383]
We propose a new technique for detecting and classifying drifted malware. It learns drift-invariant features in malware control flow graphs by leveraging graph neural networks with adversarial domain adaptation. Our approach significantly improves drifted malware detection on publicly available benchmarks and real-world malware databases reported daily by security companies.
arXiv Detail & Related papers (2024-07-18T22:06:20Z)
- When Measures are Unreliable: Imperceptible Adversarial Perturbations toward Top-$k$ Multi-Label Learning [83.8758881342346]
A novel loss function is devised to generate adversarial perturbations that could achieve both visual and measure imperceptibility.
Experiments on large-scale benchmark datasets demonstrate the superiority of our proposed method in attacking the top-$k$ multi-label systems.
arXiv Detail & Related papers (2023-07-27T13:18:47Z)
- Scale-Equivalent Distillation for Semi-Supervised Object Detection [57.59525453301374]
Recent Semi-Supervised Object Detection (SS-OD) methods are mainly based on self-training, generating hard pseudo-labels by a teacher model on unlabeled data as supervisory signals.
We analyze the challenges these methods meet with the empirical experiment results.
We introduce a novel approach, Scale-Equivalent Distillation (SED), which is a simple yet effective end-to-end knowledge distillation framework robust to large object size variance and class imbalance.
arXiv Detail & Related papers (2022-03-23T07:33:37Z)
- Activation to Saliency: Forming High-Quality Labels for Unsupervised Salient Object Detection [54.92703325989853]
We propose a two-stage Activation-to-Saliency (A2S) framework that effectively generates high-quality saliency cues.
No human annotations are involved in our framework during the whole training process.
Our framework reports significant performance compared with existing USOD methods.
arXiv Detail & Related papers (2021-12-07T11:54:06Z)
- Softmax with Regularization: Better Value Estimation in Multi-Agent Reinforcement Learning [72.28520951105207]
Overestimation in $Q$-learning is an important problem that has been extensively studied in single-agent reinforcement learning.
We propose a novel regularization-based update scheme that penalizes large joint action-values deviating from a baseline.
We show that our method provides a consistent performance improvement on a set of challenging StarCraft II micromanagement tasks.
arXiv Detail & Related papers (2021-03-22T14:18:39Z)
- Robust Pre-Training by Adversarial Contrastive Learning [120.33706897927391]
Recent work has shown that, when integrated with adversarial training, self-supervised pre-training can lead to state-of-the-art robustness.
We improve robustness-aware self-supervised pre-training by learning representations consistent under both data augmentations and adversarial perturbations.
arXiv Detail & Related papers (2020-10-26T04:44:43Z)
- Transfer Learning without Knowing: Reprogramming Black-box Machine Learning Models with Scarce Data and Limited Resources [78.72922528736011]
We propose a novel approach, black-box adversarial reprogramming (BAR), that repurposes a well-trained black-box machine learning model.
Using zeroth order optimization and multi-label mapping techniques, BAR can reprogram a black-box ML model solely based on its input-output responses.
BAR outperforms state-of-the-art methods and yields comparable performance to the vanilla adversarial reprogramming method.
arXiv Detail & Related papers (2020-07-17T01:52:34Z)