DroidEnemy: Battling adversarial example attacks for Android malware detection  

作　　者：Neha Bala Aemun Ahmar Wenjia Li Fernanda Tovar Arpit Battu Prachi Bambarkar 

机构地区：[1]Department of Computer Science,New York Institute of Technology,New York,NY,10023,USA

出　　处：《Digital Communications and Networks》2022年第6期1040-1047,共8页数字通信与网络（英文版）

摘　　要：In recent years,we have witnessed a surge in mobile devices such as smartphones,tablets,smart watches,etc.,most of which are based on the Android operating system.However,because these Android-based mobile devices are becoming increasingly popular,they are now the primary target of mobile malware,which could lead to both privacy leakage and property loss.To address the rapidly deteriorating security issues caused by mobile malware,various research efforts have been made to develop novel and effective detection mechanisms to identify and combat them.Nevertheless,in order to avoid being caught by these malware detection mechanisms,malware authors are inclined to initiate adversarial example attacks by tampering with mobile applications.In this paper,several types of adversarial example attacks are investigated and a feasible approach is proposed to fight against them.First,we look at adversarial example attacks on the Android system and prior solutions that have been proposed to address these attacks.Then,we specifically focus on the data poisoning attack and evasion attack models,which may mutate various application features,such as API calls,permissions and the class label,to produce adversarial examples.Then,we propose and design a malware detection approach that is resistant to adversarial examples.To observe and investigate how the malware detection system is influenced by the adversarial example attacks,we conduct experiments on some real Android application datasets which are composed of both malware and benign applications.Experimental results clearly indicate that the performance of Android malware detection is severely degraded when facing adversarial example attacks.

关 键 词：Security Malware detection Adversarial example attack Data poisoning attack Evasi on attack Machine learning ANDROID 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]