RT Journal Article
T1 Picking on the family: Disrupting android malware triage by forcing misclassification
A1 Calleja Cortiñas, Alejandro
A1 Martín, Alejandro
A1 Menéndez, Héctor D.
A1 Estévez Tapiador, Juan Manuel
A1 Clark, David
AB Machine learning classification algorithms are widely applied to different malware analysis problems because of their proven abilities to learn from examples and perform relatively well with little human input. Use cases include the labelling of malicious samples according to families during triage of suspected malware. However, automated algorithms are vulnerable to attacks. An attacker could carefully manipulate the sample to force the algorithm to produce a particular output. In this paper we discuss one such attack on Android malware classifiers. We design and implement a prototype tool, called lagoDroid, that takes as input a malware sample and a target family, and modifies the sample to cause it to be classified as belonging to this family while preserving its original semantics. Our technique relies on a search process that generates variants of the original sample without modifying their semantics. We tested lagoDroid against RevealDroid, a recent, open source, Android malware classifier based on a variety of static features. IagoDroid successfully forces misclassification for 28 of the 29 representative malware families present in the DREBIN dataset. Remarkably, it does so by modifying just a single feature of the original malware. On average, it finds the first evasive sample in the first search iteration, and converges to a 100% evasive population within 4 iterations. Finally, we introduce RevealDroid*, a more robust classifier that implements several techniques proposed in other adversarial learning domains. Our experiments suggest that RevealDroid* can correctly detect up to 99% of the variants generated by lagoDroid. (C) 2017 The Authors. Published by Elsevier Ltd.
PB Elsevier
SN 0957-4174
YR 2018
FD 2018-04-01
LK https://hdl.handle.net/10016/33920
UL https://hdl.handle.net/10016/33920
LA eng
NO This work has been supported by the following grants: EphemeCH (MINECO TIN2014-56494-C4-4-P) and CIBERDINE (CM S2013/ICE-3095), both under the European Regional Development Fund FEDER; SeMaMatch EP/K032623/1 and InfoTestSS EP/P006116/1 from EPSRC; SPINY (MINECO TIN2013-46469-R) and SMOG-DEV (MINECO TIN2016-79095-C2-2-R) and Justice Programme of the European Union (2014-2020) 723180 – RiskTrack – JUST-2015-JCOO-AG/JUST-2015-JCOO-AG-1.
DS e-Archivo
RD 1 sept. 2024