Abstract
A growing number of Android malware detection systems are based on Machine Learning (ML) methods. However, ML methods are often vulnerable to evasion attacks, in which an adversary manipulates malicious instances so they are classified as benign. Here, we present a novel evaluation scheme for evasion attack generation that exploits the weak spots of known Android malware detection systems. We implement an innovative evasion attack on Drebin [3]. After our novel evasion attack, Drebin’s detection rate decreased by 12%. However, when inspecting the functionality and maliciousness of the manipulated instances, the maliciousness rate increased, whereas the functionality rate decreased by 72%. We show that non-functional apps, do not constitute a threat to users and are thus useless from an attacker’s point of view. Hence, future evaluations of attacks against Android malware detection systems should also address functionality and maliciousness tests.
Author supplied keywords
Cite
CITATION STYLE
Berger, H., Hajaj, C., & Dvir, A. (2020). Evasion Is Not Enough: A Case Study of Android Malware. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 12161 LNCS, pp. 167–174). Springer. https://doi.org/10.1007/978-3-030-49785-9_11
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
