Edinburgh Research Explorer

More Semantics More Robust: Improving Android Malware Classifiers

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Original languageEnglish
Title of host publication9th ACM Conference on Security and Privacy in Wireless and Mobile Networks
Place of PublicationDarmstadt, Germany
PublisherACM
Pages147-158
Number of pages12
ISBN (Print)978-1-4503-4270-4
DOIs
Publication statusPublished - 18 Jul 2016
Event9th ACM Conference on Security and Privacy in Wireless and Mobile Networks 2016 - Darmstadt, Germany
Duration: 18 Jul 201620 Jul 2016
http://www.sigsac.org/wisec/WiSec2016/

Conference

Conference9th ACM Conference on Security and Privacy in Wireless and Mobile Networks 2016
Abbreviated titleWiSec 2016
CountryGermany
CityDarmstadt
Period18/07/1620/07/16
Internet address

Abstract

Automatic malware classifiers often perform badly on the detection of new malware, i.e., their robustness is poor. We study the machine-learning-based mobile malware classifiers and reveal one reason: the input features used by these classifiers can’t capture general behavioural patterns of malware instances. We extract the best-performing syntax-based features like permissions and API calls, and some semantics-based features like happen-befores and unwanted behaviours, and train classifiers using popular supervised and semi-supervised learning methods. By comparing their classification performance on industrial datasets collected across several years, we demonstrate that using semantics-based features can dramatically improve robustness of malware classifiers.

Event

9th ACM Conference on Security and Privacy in Wireless and Mobile Networks 2016

18/07/1620/07/16

Darmstadt, Germany

Event: Conference

Download statistics

No data available

ID: 25498605