Loading...

Analysis and Countermeasure of Android Malware Generation Using Adversarial Example Generation Methods

Arabzadeh, Mohammad Reza | 2023

96 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 56468 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Amini, Morteza
  7. Abstract:
  8. The widespread use of the Android operating system has made it an attractive target for attackers. In the field of malware identification and mitigation, the use of machine learning methods has seen significant advancements due to their ability to identify unknown malware. One of these methods is graph-based techniques in constructing malware detection systems, which have achieved high success rates in identifying malware. However, machine learning methods suffer from the vulnerability of being misled by adversarial examples. One important aspect in both malware detection systems and adversarial attacks is the limitations imposed on software modification. Any changes made to the application should preserve its execution capability. Unfortunately, there has been less focus on generating adversarial examples for graph-based networks in research studies. In this research, we introduce a graph-based malware detection system and propose a solution for generating adversarial examples based on gradient computation for this class of models, ensuring that the necessary modifications to the program do not compromise its execution capability. The proposed attack only adds edges to the program's graph model. Furthermore, in the proposed attack, it is assumed that the attacker cannot directly influence the computed features of the graph model. In our study, we assumed the use of node embedding as a feature representation method. We also present our solution for countering the mentioned attack, which is based on adversarial retraining. According to the obtained results, our proposed method achieved up to 94% success rate in misleading the detection model. Moreover, the proposed method for applying the necessary changes to perform the attack is designed not to introduce any performance issues in the program. According to the results, the proposed defense solution reduces the attacker's success rate by 14%
  9. Keywords:
  10. Android Operating System ; Adversarial Example ; Deep Learning ; Machine Learning ; Malwares ; Graph Convolutional Networks ; Graph-Based Networks

 Digital Object List

 Bookmark

...see more