Train me to fight: machine-learning based on-device malware detection for mobile devices

Amirmohammad Pasdar; Young Choon Lee; Tongliang Liu; Seok-Hee Hong

doi:10.1109/CCGrid54584.2022.00033

Train me to fight: machine-learning based on-device malware detection for mobile devices

Amirmohammad Pasdar, Young Choon Lee, Tongliang Liu, Seok-Hee Hong

School of Computing

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

1 Citation (Scopus)

Abstract

Mobile applications (apps) on smartphones have become a primary means to bring a wide variety of services on the go. These apps are provided by third-party developers and service providers. These apps are increasingly diverse, so as are malware. As a result, current signature-based protection approaches are ineffective against new malware. This poses privacy and security risks, increasing smartphones' vulnerability to cyber attacks. In this paper, we present a novel Deep neural network-based On-device Malware Detection (DOM) that employs model personalization and transfer learning for enhancing real-time ondevice detection performance. DOM consists of two on-device machine learning models referred to as generic and personalized models and dynamically analyzes applications to extract a comprehensive set of features. The generic model is a fine-tuned deep neural network (DNN) for labeling applications whose ground truth is not available. In contrast, the personalized model is a lightweight trainable model created by retaining the majority of the generic DNN layers and trainable parameters and adding a new lightweight neural network. The personalized model is further improved with the help of federated learning, which aggregates the personalized model parameters. We have used over 32000 real-world applications from different repositories to train and evaluate DOM. Experiments show that the generic DNN model achieves 98.41% accuracy, and the personalized model has also demonstrated outstanding performance detection with an accuracy of 87%. DOM is very lightweight and uses less than 4% memory consumption.

Original language	English
Title of host publication	22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022
Subtitle of host publication	proceedings
Editors	Maria Fazio, Dhabaleswar K. Panda, Radu Prodan, Valeria Cardellini, Burak Kantarci, Omer Rana, Massimo Villari
Place of Publication	Piscataway, NJ
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	239-248
Number of pages	10
ISBN (Electronic)	9781665499569
ISBN (Print)	9781665499576
DOIs	https://doi.org/10.1109/CCGrid54584.2022.00033
Publication status	Published - 2022
Event	22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022 - Taormina, Italy Duration: 16 May 2022 → 19 May 2022

Conference

Conference	22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022
Country/Territory	Italy
City	Taormina
Period	16/05/22 → 19/05/22

Access to Document

10.1109/CCGrid54584.2022.00033

Cite this

Pasdar, A., Lee, Y. C., Liu, T., & Hong, S.-H. (2022). Train me to fight: machine-learning based on-device malware detection for mobile devices. In M. Fazio, D. K. Panda, R. Prodan, V. Cardellini, B. Kantarci, O. Rana, & M. Villari (Eds.), 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022: proceedings (pp. 239-248). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/CCGrid54584.2022.00033

Pasdar, Amirmohammad ; Lee, Young Choon ; Liu, Tongliang et al. / Train me to fight : machine-learning based on-device malware detection for mobile devices. 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022: proceedings. editor / Maria Fazio ; Dhabaleswar K. Panda ; Radu Prodan ; Valeria Cardellini ; Burak Kantarci ; Omer Rana ; Massimo Villari. Piscataway, NJ : Institute of Electrical and Electronics Engineers (IEEE), 2022. pp. 239-248

@inproceedings{20eb64f7c3424d1ea4893894dcc76f13,

title = "Train me to fight: machine-learning based on-device malware detection for mobile devices",

abstract = "Mobile applications (apps) on smartphones have become a primary means to bring a wide variety of services on the go. These apps are provided by third-party developers and service providers. These apps are increasingly diverse, so as are malware. As a result, current signature-based protection approaches are ineffective against new malware. This poses privacy and security risks, increasing smartphones' vulnerability to cyber attacks. In this paper, we present a novel Deep neural network-based On-device Malware Detection (DOM) that employs model personalization and transfer learning for enhancing real-time ondevice detection performance. DOM consists of two on-device machine learning models referred to as generic and personalized models and dynamically analyzes applications to extract a comprehensive set of features. The generic model is a fine-tuned deep neural network (DNN) for labeling applications whose ground truth is not available. In contrast, the personalized model is a lightweight trainable model created by retaining the majority of the generic DNN layers and trainable parameters and adding a new lightweight neural network. The personalized model is further improved with the help of federated learning, which aggregates the personalized model parameters. We have used over 32000 real-world applications from different repositories to train and evaluate DOM. Experiments show that the generic DNN model achieves 98.41% accuracy, and the personalized model has also demonstrated outstanding performance detection with an accuracy of 87%. DOM is very lightweight and uses less than 4% memory consumption.",

author = "Amirmohammad Pasdar and Lee, {Young Choon} and Tongliang Liu and Seok-Hee Hong",

year = "2022",

doi = "10.1109/CCGrid54584.2022.00033",

language = "English",

isbn = "9781665499576",

pages = "239--248",

editor = "Maria Fazio and Panda, {Dhabaleswar K.} and Radu Prodan and Valeria Cardellini and Burak Kantarci and Omer Rana and Massimo Villari",

booktitle = "22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

address = "United States",

note = "22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022 ; Conference date: 16-05-2022 Through 19-05-2022",

}

Pasdar, A, Lee, YC, Liu, T & Hong, S-H 2022, Train me to fight: machine-learning based on-device malware detection for mobile devices. in M Fazio, DK Panda, R Prodan, V Cardellini, B Kantarci, O Rana & M Villari (eds), 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022: proceedings. Institute of Electrical and Electronics Engineers (IEEE), Piscataway, NJ, pp. 239-248, 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022, Taormina, Italy, 16/05/22. https://doi.org/10.1109/CCGrid54584.2022.00033

Train me to fight: machine-learning based on-device malware detection for mobile devices. / Pasdar, Amirmohammad; Lee, Young Choon; Liu, Tongliang et al.
22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022: proceedings. ed. / Maria Fazio; Dhabaleswar K. Panda; Radu Prodan; Valeria Cardellini; Burak Kantarci; Omer Rana; Massimo Villari. Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE), 2022. p. 239-248.

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - Train me to fight

T2 - 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022

AU - Pasdar, Amirmohammad

AU - Lee, Young Choon

AU - Liu, Tongliang

AU - Hong, Seok-Hee

PY - 2022

Y1 - 2022

N2 - Mobile applications (apps) on smartphones have become a primary means to bring a wide variety of services on the go. These apps are provided by third-party developers and service providers. These apps are increasingly diverse, so as are malware. As a result, current signature-based protection approaches are ineffective against new malware. This poses privacy and security risks, increasing smartphones' vulnerability to cyber attacks. In this paper, we present a novel Deep neural network-based On-device Malware Detection (DOM) that employs model personalization and transfer learning for enhancing real-time ondevice detection performance. DOM consists of two on-device machine learning models referred to as generic and personalized models and dynamically analyzes applications to extract a comprehensive set of features. The generic model is a fine-tuned deep neural network (DNN) for labeling applications whose ground truth is not available. In contrast, the personalized model is a lightweight trainable model created by retaining the majority of the generic DNN layers and trainable parameters and adding a new lightweight neural network. The personalized model is further improved with the help of federated learning, which aggregates the personalized model parameters. We have used over 32000 real-world applications from different repositories to train and evaluate DOM. Experiments show that the generic DNN model achieves 98.41% accuracy, and the personalized model has also demonstrated outstanding performance detection with an accuracy of 87%. DOM is very lightweight and uses less than 4% memory consumption.

AB - Mobile applications (apps) on smartphones have become a primary means to bring a wide variety of services on the go. These apps are provided by third-party developers and service providers. These apps are increasingly diverse, so as are malware. As a result, current signature-based protection approaches are ineffective against new malware. This poses privacy and security risks, increasing smartphones' vulnerability to cyber attacks. In this paper, we present a novel Deep neural network-based On-device Malware Detection (DOM) that employs model personalization and transfer learning for enhancing real-time ondevice detection performance. DOM consists of two on-device machine learning models referred to as generic and personalized models and dynamically analyzes applications to extract a comprehensive set of features. The generic model is a fine-tuned deep neural network (DNN) for labeling applications whose ground truth is not available. In contrast, the personalized model is a lightweight trainable model created by retaining the majority of the generic DNN layers and trainable parameters and adding a new lightweight neural network. The personalized model is further improved with the help of federated learning, which aggregates the personalized model parameters. We have used over 32000 real-world applications from different repositories to train and evaluate DOM. Experiments show that the generic DNN model achieves 98.41% accuracy, and the personalized model has also demonstrated outstanding performance detection with an accuracy of 87%. DOM is very lightweight and uses less than 4% memory consumption.

UR - http://www.scopus.com/inward/record.url?scp=85135747832&partnerID=8YFLogxK

UR - http://purl.org/au-research/grants/arc/DP180102553

U2 - 10.1109/CCGrid54584.2022.00033

DO - 10.1109/CCGrid54584.2022.00033

M3 - Conference proceeding contribution

AN - SCOPUS:85135747832

SN - 9781665499576

SP - 239

EP - 248

BT - 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022

A2 - Fazio, Maria

A2 - Panda, Dhabaleswar K.

A2 - Prodan, Radu

A2 - Cardellini, Valeria

A2 - Kantarci, Burak

A2 - Rana, Omer

A2 - Villari, Massimo

PB - Institute of Electrical and Electronics Engineers (IEEE)

CY - Piscataway, NJ

Y2 - 16 May 2022 through 19 May 2022

ER -

Pasdar A, Lee YC, Liu T, Hong SH. Train me to fight: machine-learning based on-device malware detection for mobile devices. In Fazio M, Panda DK, Prodan R, Cardellini V, Kantarci B, Rana O, Villari M, editors, 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022: proceedings. Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). 2022. p. 239-248 doi: 10.1109/CCGrid54584.2022.00033

Train me to fight: machine-learning based on-device malware detection for mobile devices

Abstract

Conference

Access to Document

Other files and links

Fingerprint

Cite this