Quantifying the impact of adversarial evasion attacks on machine learning based android malware classifiers

Zainab Abaid, Mohamed Ali Kaafar, Sanjay Jha

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

5 Citations (Scopus)

Abstract

With the proliferation of Android-based devices, malicious apps have increasingly found their way to user devices. Many solutions for Android malware detection rely on machine learning; although effective, these are vulnerable to attacks from adversaries who wish to subvert these algorithms and allow malicious apps to evade detection. In this work, we present a statistical analysis of the impact of adversarial evasion attacks on various linear and non-linear classifiers, using a recently proposed Android malware classifier as a case study. We systematically explore the complete space of possible attacks varying in the adversary's knowledge about the classifier; our results show that it is possible to subvert linear classifiers (Support Vector Machines and Logistic Regression) by perturbing only a few features of malicious apps, with more knowledgeable adversaries degrading the classifier's detection rate from 100% to 0% and a completely blind adversary able to lower it to 12%. We show non-linear classifiers (Random Forest and Neural Network) to be more resilient to these attacks. We conclude our study with recommendations for designing classifiers to be more robust to the attacks presented in our work.

Original languageEnglish
Title of host publication2017 IEEE 16th International Symposium on Network Computing and Applications
Subtitle of host publicationNCA 2017
EditorsAris Gkoulalas-Divanis, Miguel P. Correia, Dimiter R. Avresky
Place of PublicationPiscataway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages1-10
Number of pages10
ISBN (Electronic)9781538614655
ISBN (Print)9781538614648
DOIs
Publication statusPublished - 8 Dec 2017
Event16th IEEE International Symposium on Network Computing and Applications, NCA 2017 - Cambridge, United States
Duration: 30 Oct 20171 Nov 2017

Conference

Conference16th IEEE International Symposium on Network Computing and Applications, NCA 2017
CountryUnited States
CityCambridge
Period30/10/171/11/17

Fingerprint Dive into the research topics of 'Quantifying the impact of adversarial evasion attacks on machine learning based android malware classifiers'. Together they form a unique fingerprint.

  • Cite this

    Abaid, Z., Kaafar, M. A., & Jha, S. (2017). Quantifying the impact of adversarial evasion attacks on machine learning based android malware classifiers. In A. Gkoulalas-Divanis, M. P. Correia, & D. R. Avresky (Eds.), 2017 IEEE 16th International Symposium on Network Computing and Applications: NCA 2017 (pp. 1-10). Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/NCA.2017.8171381