Metamorphic Detection of Repackaged Malware

04/27/2021
by   Shirish Singh, et al.
0

Machine learning-based malware detection systems are often vulnerable to evasion attacks, in which a malware developer manipulates their malicious software such that it is misclassified as benign. Such software hides some properties of the real class or adopts some properties of a different class by applying small perturbations. A special case of evasive malware hides by repackaging a bonafide benign mobile app to contain malware in addition to the original functionality of the app, thus retaining most of the benign properties of the original app. We present a novel malware detection system based on metamorphic testing principles that can detect such benign-seeming malware apps. We apply metamorphic testing to the feature representation of the mobile app rather than to the app itself. That is, the source input is the original feature vector for the app and the derived input is that vector with selected features removed. If the app was originally classified benign and is indeed benign, the output for the source and derived inputs should be the same class, i.e., benign, but if they differ, then the app is exposed as likely malware. Malware apps originally classified as malware should retain that classification since only features prevalent in benign apps are removed. This approach enables the machine learning model to classify repackaged malware with reasonably few false negatives and false positives. Our training pipeline is simpler than many existing ML-based malware detection methods, as the network is trained end-to-end to learn appropriate features and perform classification. We pre-trained our classifier model on 3 million apps collected from the widely-used AndroZoo dataset. We perform an extensive study on other publicly available datasets to show our approach's effectiveness in detecting repackaged malware with more than94 score.

READ FULL TEXT

page 1

page 2

research
07/27/2020

Feature importance in mobile malware detection

The topic of mobile malware detection on the Android platform has attrac...
research
11/07/2017

Contaminant Removal for Android Malware Detection Systems

A recent report indicates that there is a new malicious app introduced e...
research
04/24/2020

Why an Android App is Classified as Malware? Towards Malware Classification Interpretation

Machine learning (ML) based approach is considered as one of the most pr...
research
09/03/2022

Illegal But Not Malware: An Underground Economy App Detection System Based on Usage Scenario

This paper focuses on mobile apps serving the underground economy by pro...
research
07/17/2023

Metadata-based Malware Detection on Android using Machine Learning

In the digitized world, smartphones and their apps play an important rol...
research
10/18/2022

A Novel Feature Representation for Malware Classification

In this study we have presented a novel feature representation for malic...
research
03/02/2019

Clicktok: Click Fraud Detection using Traffic Analysis

Advertising is a primary means for revenue generation for millions of we...

Please sign up or login with your details

Forgot password? Click here to reset