How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack

Sen Chen, Minhui Xue, Lingling Fan, Lei Ma, Yang Liu, Lihua Xu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Android malware, is one of the most serious threats to mobile security. Today, machine learning-based approach is one of the most promising approaches in detecting Android malware. However, our previous experiments show that sophisticated attackers can craft large-scale Android malware to pollute training data and pose an automated poisoning attack on machine learning-based malware detection systems (e.g., Drebin, Droidapiminer, Stormdroid, and Mamadroid), and eventually mislead the detection tools. We further examine how machine learning classifiers can be mislead under four different attack models and significantly reduce detection accuracy. Apart from Android malware, to better protect mobile devices, we also discuss a general threat model of Android devices to investigate the capabilities of different attackers.

Original languageEnglish
Title of host publicationAI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile
EditorsYang Liu, Minhui Xue, Lei Ma, Li Li
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages21-24
Number of pages4
ISBN (Electronic)9781728118116
DOIs
Publication statusPublished - Mar 21 2019
Event1st IEEE International Workshop on Artificial Intelligence for Mobile, AI4Mobile 2019 - Hangzhou, China
Duration: Feb 24 2019 → …

Publication series

NameAI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile

Conference

Conference1st IEEE International Workshop on Artificial Intelligence for Mobile, AI4Mobile 2019
CountryChina
CityHangzhou
Period2/24/19 → …

Fingerprint

Learning systems
Mobile devices
Classifiers
Malware
Experiments
Mobile security
Android (operating system)

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Computer Networks and Communications
  • Signal Processing
  • Software

Cite this

Chen, S., Xue, M., Fan, L., Ma, L., Liu, Y., & Xu, L. (2019). How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack. In Y. Liu, M. Xue, L. Ma, & L. Li (Eds.), AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile (pp. 21-24). [8672691] (AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/AI4Mobile.2019.8672691

How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack. / Chen, Sen; Xue, Minhui; Fan, Lingling; Ma, Lei; Liu, Yang; Xu, Lihua.

AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile. ed. / Yang Liu; Minhui Xue; Lei Ma; Li Li. Institute of Electrical and Electronics Engineers Inc., 2019. p. 21-24 8672691 (AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Chen, S, Xue, M, Fan, L, Ma, L, Liu, Y & Xu, L 2019, How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack. in Y Liu, M Xue, L Ma & L Li (eds), AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile., 8672691, AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile, Institute of Electrical and Electronics Engineers Inc., pp. 21-24, 1st IEEE International Workshop on Artificial Intelligence for Mobile, AI4Mobile 2019, Hangzhou, China, 2/24/19. https://doi.org/10.1109/AI4Mobile.2019.8672691
Chen S, Xue M, Fan L, Ma L, Liu Y, Xu L. How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack. In Liu Y, Xue M, Ma L, Li L, editors, AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile. Institute of Electrical and Electronics Engineers Inc. 2019. p. 21-24. 8672691. (AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile). https://doi.org/10.1109/AI4Mobile.2019.8672691
Chen, Sen ; Xue, Minhui ; Fan, Lingling ; Ma, Lei ; Liu, Yang ; Xu, Lihua. / How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack. AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile. editor / Yang Liu ; Minhui Xue ; Lei Ma ; Li Li. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 21-24 (AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile).
@inproceedings{a1853cdf403f4468b7ad1faa0343a709,
title = "How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack",
abstract = "Android malware, is one of the most serious threats to mobile security. Today, machine learning-based approach is one of the most promising approaches in detecting Android malware. However, our previous experiments show that sophisticated attackers can craft large-scale Android malware to pollute training data and pose an automated poisoning attack on machine learning-based malware detection systems (e.g., Drebin, Droidapiminer, Stormdroid, and Mamadroid), and eventually mislead the detection tools. We further examine how machine learning classifiers can be mislead under four different attack models and significantly reduce detection accuracy. Apart from Android malware, to better protect mobile devices, we also discuss a general threat model of Android devices to investigate the capabilities of different attackers.",
author = "Sen Chen and Minhui Xue and Lingling Fan and Lei Ma and Yang Liu and Lihua Xu",
year = "2019",
month = "3",
day = "21",
doi = "10.1109/AI4Mobile.2019.8672691",
language = "English",
series = "AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "21--24",
editor = "Yang Liu and Minhui Xue and Lei Ma and Li Li",
booktitle = "AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile",
address = "United States",

}

TY - GEN

T1 - How Can We Craft Large-Scale Android Malware? An Automated Poisoning Attack

AU - Chen, Sen

AU - Xue, Minhui

AU - Fan, Lingling

AU - Ma, Lei

AU - Liu, Yang

AU - Xu, Lihua

PY - 2019/3/21

Y1 - 2019/3/21

N2 - Android malware, is one of the most serious threats to mobile security. Today, machine learning-based approach is one of the most promising approaches in detecting Android malware. However, our previous experiments show that sophisticated attackers can craft large-scale Android malware to pollute training data and pose an automated poisoning attack on machine learning-based malware detection systems (e.g., Drebin, Droidapiminer, Stormdroid, and Mamadroid), and eventually mislead the detection tools. We further examine how machine learning classifiers can be mislead under four different attack models and significantly reduce detection accuracy. Apart from Android malware, to better protect mobile devices, we also discuss a general threat model of Android devices to investigate the capabilities of different attackers.

AB - Android malware, is one of the most serious threats to mobile security. Today, machine learning-based approach is one of the most promising approaches in detecting Android malware. However, our previous experiments show that sophisticated attackers can craft large-scale Android malware to pollute training data and pose an automated poisoning attack on machine learning-based malware detection systems (e.g., Drebin, Droidapiminer, Stormdroid, and Mamadroid), and eventually mislead the detection tools. We further examine how machine learning classifiers can be mislead under four different attack models and significantly reduce detection accuracy. Apart from Android malware, to better protect mobile devices, we also discuss a general threat model of Android devices to investigate the capabilities of different attackers.

UR - http://www.scopus.com/inward/record.url?scp=85064204113&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85064204113&partnerID=8YFLogxK

U2 - 10.1109/AI4Mobile.2019.8672691

DO - 10.1109/AI4Mobile.2019.8672691

M3 - Conference contribution

AN - SCOPUS:85064204113

T3 - AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile

SP - 21

EP - 24

BT - AI4Mobile 2019 - 2019 IEEE 1st International Workshop on Artificial Intelligence for Mobile

A2 - Liu, Yang

A2 - Xue, Minhui

A2 - Ma, Lei

A2 - Li, Li

PB - Institute of Electrical and Electronics Engineers Inc.

ER -