A Review on Android Malware: Attacks, Countermeasures and Challenges Ahead
DOI:
https://doi.org/10.13052/jcsm2245-1439.1017Keywords:
Malware, Anomaly Detection, Attacks, Defense, Evasion attack, Obfuscation attack, Android, adversarial attackAbstract
Smartphones usage have become ubiquitous in modern life serving as a double-edged sword with opportunities and challenges in it. Along with the benefits, smartphones also have high exposure to malware. Malware has progressively penetrated thereby causing more turbulence. Malware authors have become increasingly sophisticated and are able to evade detection by anti-malware engines. This has led to a constant arms race between malware authors and malware defenders. This survey converges on Android malware and covers a walkthrough of the various obfuscation attacks deployed during malware analysis phase along with the myriad of adversarial attacks operated at malware detection phase. The review also unscrambles the difficulties currently faced in deploying an on-device, lightweight malware detector. It sheds spotlight for researchers to perceive the current state of the art techniques available to fend off malware along with suggestions on possible future directions
Downloads
References
W. Han, J. Xue, Y. Wang, L. Huang, Z. Kong, and L. Mao, “Maldae: Detecting and explaining malware based on correlation and fusion of static and dynamic characteristics,” Computers & Security, vol. 83, pp. 208–233, 2019.
J.-Y. Kim, S.-J. Bu, and S.-B. Cho, “Zero-day malware detection using transferred generative adversarial networks based on deep autoencoders,” Information Sciences, vol. 460, pp. 83–102, 2018.
S. Y. Yerima and S. Sezer, “Droidfusion: A novel multilevel classifier fusion approach for android malware detection,” IEEE transactions on cybernetics, vol. 49, no. 2, pp. 453–466, 2018.
W. Yuan, Y. Jiang, H. Li, and M. Cai, “A lightweight on-device detection method for android malware,” IEEE Transactions on Systems, Man, and Cybernetics: Systems, 2019.
C. Hasegawa and H. Iyatomi, “One-dimensional convolutional neural networks for android malware detection,” in 2018 IEEE 14th International Colloquium on Signal Processing & Its Applications (CSPA), pp. 99–102, IEEE, 2018.
Z.-U. Rehman, S. N. Khan, K. Muhammad, J. W. Lee, Z. Lv, S. W. Baik, P. A. Shah, K. Awan, and I. Mehmood, “Machine learning-assisted signature and heuristic-based detection of malwares in android devices,” Computers & Electrical Engineering, vol. 69, pp. 828–841, 2018.
C. Bai, Q. Han, G. Mezzour, F. Pierazzi, and V. Subrahmanian, “Dbank: Predictive behavioral analysis of recent android banking trojans,” IEEE Transactions on Dependable and Secure Computing, 2019.
M. Christodorescu and S. Jha, “Static analysis of executables to detect malicious patterns,” tech. rep., WISCONSIN UNIV-MADISON DEPT OF COMPUTER SCIENCES, 2006.
A. Moser, C. Kruegel, and E. Kirda, “Limits of static analysis for malware detection,” in Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp. 421–430, IEEE, 2007.
I. You and K. Yim, “Malware obfuscation techniques: A brief survey,” in 2010 International conference on broadband, wireless computing, communication and applications, pp. 297–300, IEEE, 2010.
M. Sikorski and A. Honig, Practical malware analysis: the hands-on guide to dissecting malicious software. no starch press, 2012.
A. Aghamohammadi and F. Faghih, “Lightweight versus obfuscation-resilient malware detection in android applications,” Journal of Computer Virology and Hacking Techniques, pp. 1–15, 2019.
J. Garcia, M. Hammad, and S. Malek, “Lightweight, obfuscation-resilient detection and family identification of android malware,” ACM Transactions on Software Engineering and Methodology (TOSEM), vol. 26, no. 3, pp. 1–29, 2018.
S. Sen, E. Aydogan, and A. I. Aysan, “Coevolution of mobile malware and anti-malware,” IEEE Transactions on Information Forensics and Security, vol. 13, no. 10, pp. 2563–2574, 2018.
M. Brand, C. Valli, and A. Woodward, “Malware forensics: Discovery of the intent of deception,” Journal of Digital Forensics, Security and Law, vol. 5, no. 4, p. 2, 2010.
V. Rastogi, Y. Chen, and X. Jiang, “Catch me if you can: Evaluating android anti-malware against transformation attacks,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 1, pp. 99–108, 2013.
D. Maiorca, D. Ariu, I. Corona, M. Aresu, and G. Giacinto, “Stealth attacks: An extended insight into the obfuscation effects on android malware,” Computers & Security, vol. 51, pp. 16–31, 2015.
D. Gibert, C. Mateu, and J. Planes, “The rise of machine learning for detection and classification of malware: Research developments, trends and challenges,” Journal of Network and Computer Applications, p. 102526, 2020.
P. Faruki, A. Bharmal, V. Laxmi, V. Ganmoor, M. S. Gaur, M. Conti, and M. Rajarajan, “Android security: a survey of issues, malware penetration, and defenses,” IEEE communications surveys & tutorials, vol. 17, no. 2, pp. 998–1022, 2014.
Mcafee, “evolution-of-malware-sandbox-evasion-tactics-a-retrospective-study.” https://www.mcafee.com/blogs/other-blogs/mcafee-labs/evolution-of-malware-sandbox-evasion-tactics-a-retrospective-study/, 2019.
Cylance. https://www.cylance.com/en-us/resources/knowledge-center/ai-and-ml-for-security.html, 2019.
CrowdStrike. https://www.crowdstrike.com/blog/defending-against-malware-with-machine-learning/, 2019.
cleverhans. http://www.cleverhans.io/security/privacy/ml/2016/12/16/breaking-things-is-easy.html, 2019.
darpa.mil. https://www.darpa.mil/news-events/2019-02-06, 2019.
ai.google. https://ai.google/responsibilities/responsible-ai-practices/, 2019.
adversarial robustness. https://github.com/IBM/adversarial-robustness-toolbox/, 2019.
securing-artificial intelligence. https://docs.microsoft.com/en-us/security/engineering/securing-artificial-intelligence-machine-learning, 2019.
secml.gitlab. https://secml.gitlab.io/, 2019.
tensorflow cleverhans. https://github.com/tensorflow/cleverhans, 2019.
A. Chakraborty, M. Alam, V. Dey, A. Chattopadhyay, and D. Mukhopadhyay, “Adversarial attacks and defences: A survey,” arXiv preprint arXiv:1810.00069, 2018.
S. Qiu, Q. Liu, S. Zhou, and C. Wu, “Review of artificial intelligence adversarial attack and defense technologies,” Applied Sciences, vol. 9, no. 5, p. 909, 2019.
X. Yuan, P. He, Q. Zhu, and X. Li, “Adversarial examples: Attacks and defenses for deep learning,” IEEE transactions on neural networks and learning systems, vol. 30, no. 9, pp. 2805–2824, 2019.
I. Goodfellow, “Defense against the dark arts: An overview of adversarial example security research and future research directions,” arXiv preprint arXiv:1806.04169, 2018.
I. Goodfellow, P. McDaniel, and N. Papernot, “Making machine learning robust against adversarial inputs,” Communications of the ACM, vol. 61, no. 7, pp. 56–66, 2018.
E. Tabassi, K. J. Burns, M. Hadjimichael, A. D. Molina-Markham, and J. T. Sexton, “A taxonomy and terminology of adversarial machine learning,” 2019.
medialibrary. https://www.sophos.com/en-us/medialibrary/pdfs/technical-papers/sophoslabs-uncut-2020-threat-report.pdf, 2019.
skylightcyber. https://skylightcyber.com/2019/07/18/cylance-i-kill-you/, 2019.
F. Pierazzi, F. Pendlebury, J. Cortellazzi, and L. Cavallaro, “Intriguing properties of adversarial ml attacks in the problem space,” in 2020 IEEE Symposium on Security and Privacy (SP), pp. 1308–1325, IEEE Computer Society, 2020.
X. Chen, C. Li, D. Wang, S. Wen, J. Zhang, S. Nepal, Y. Xiang, and K. Ren, “Android hiv: A study of repackaging malware for evading machine-learning detection,” arXiv preprint arXiv:1808.04218, 2018.
I. Rosenberg, A. Shabtai, L. Rokach, and Y. Elovici, “Generic black-box end-to-end attack against state of the art api call based malware classifiers,” in International Symposium on Research in Attacks, Intrusions, and Defenses, pp. 490–510, Springer, 2018.
H. S. Anderson, A. Kharkar, B. Filar, D. Evans, and P. Roth, “Learning to evade static pe machine learning malware models via reinforcement learning,” arXiv preprint arXiv:1801.08917, 2018.
F. Kreuk, A. Barak, S. Aviv-Reuven, M. Baruch, B. Pinkas, and J. Keshet, “Deceiving end-to-end deep learning malware detectors using adversarial examples,” arXiv preprint arXiv:1802.04528, 2018.
B. Kolosnjaji, A. Demontis, B. Biggio, D. Maiorca, G. Giacinto, C. Eckert, and F. Roli, “Adversarial malware binaries: Evading deep learning for malware detection in executables,” arXiv preprint arXiv:1803.04173, 2018.
O. Suciu, S. E. Coull, and J. Johns, “Exploring adversarial examples in malware detection,” arXiv preprint arXiv:1810.08280, 2018.
Í. Íncer Romeo, M. Theodorides, S. Afroz, and D. Wagner, “Adversarially robust malware detection using monotonic classification,” in Proceedings of the Fourth ACM International Workshop on Security and Privacy Analytics, pp. 54–63, 2018.
I. Rosenberg, A. Shabtai, Y. Elovici, and L. Rokach, “Defense methods against adversarial examples for recurrent neural networks,” arXiv preprint arXiv:1901.09963, 2019.
Q. Han, V. Subrahmanian, and Y. Xiong, “Android malware detection via (somewhat) robust irreversible feature transformations,” IEEE Transactions on Information Forensics and Security, 2020.
L. Chen, S. Hou, Y. Ye, and S. Xu, “Droideye: Fortifying security of learning-based classifier against adversarial android malware attacks,” in 2018 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pp. 782–789, IEEE, 2018.
D. Li, R. Baral, T. Li, H. Wang, Q. Li, and S. Xu, “Hashtran-dnn: A framework for enhancing robustness of deep neural networks against adversarial malware samples,” arXiv preprint arXiv:1809.06498, 2018.
A. Al-Dujaili, A. Huang, E. Hemberg, and U.-M. O’Reilly, “Adversarial deep learning for robust detection of binary encoded malware,” arXiv preprint arXiv:1801.02950, 2018.
S. Chen, M. Xue, L. Fan, S. Hao, L. Xu, H. Zhu, and B. Li, “Automated poisoning attacks and defenses in malware detection systems: An adversarial machine learning approach,” computers & security, vol. 73, pp. 326–344, 2018.
D. Ucci, L. Aniello, and R. Baldoni, “Survey of machine learning techniques for malware analysis,” Computers & Security, vol. 81, pp. 123–147, 2019.
A. Qamar, A. Karim, and V. Chang, “Mobile malware attacks: Review, taxonomy & future directions,” Future Generation Computer Systems, vol. 97, pp. 887–909, 2019.
O. Or Meir, N. Nissim, Y. Elovici, and L. Rokach, “Dynamic malware analysis in the modern era—a state of the art survey,” ACM Computing Surveys (CSUR), vol. 52, no. 5, pp. 1–48, 2019.
A. Afianian, S. Niksefat, B. Sadeghiyan, and D. Baptiste, “Malware dynamic analysis evasion techniques: A survey,” arXiv preprint arXiv:1811.01190, 2018.
C. S. Veerappan, P. L. K. Keong, Z. Tang, and F. Tan, “Taxonomy on malware evasion countermeasures techniques,” in 2018 IEEE 4th World Forum on Internet of Things (WF-IoT), pp. 558–563, IEEE, 2018.
D. Li, Q. Li, Y. Ye, and S. Xu, “Enhancing deep neural networks against adversarial malware examples,” arXiv preprint arXiv:2004.07919, 2020.
venturebeat. https://venturebeat.com/2019/05/07/android-passes-2-5-billion-monthly-active-devices/, 2019.
cisomag. https://www.cisomag.com/mcafee-report-predicts-2020-to-be-year-of-mobile-sneak-attacks/, 2019.
D. E. Denning, “An intrusion-detection model,” IEEE Transactions on software engineering, vol. 1, no. 2, pp. 222–232, 1987.
R. Bace and P. Mell, “Nist special publication on intrusion detection systems,” tech. rep., BOOZ-ALLEN AND HAMILTON INC MCLEAN VA, 2001.
K. Scarfone and P. Mell, “Guide to intrusion detection and prevention systems (idps),” tech. rep., National Institute of Standards and Technology, 2012.
H.-J. Liao, C.-H. R. Lin, Y.-C. Lin, and K.-Y. Tung, “Intrusion detection system: A comprehensive review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 16–24, 2013.
A. Torkaman, G. Javadzadeh, and M. Bahrololum, “A hybrid intelligent hids model using two-layer genetic algorithm and neural network,” in The 5th Conference on Information and Knowledge Technology, pp. 92–96, IEEE, 2013.
R. Puzis, M. D. Klippel, Y. Elovici, and S. Dolev, “Optimization of nids placement for protection of intercommunicating critical infrastructures,” in European Conference on Intelligence and Security Informatics, pp. 191–203, Springer, 2008.
B. Randell, On Alan Turing and the origins of digital computers. University of Newcastle upon Tyne, Computing Laboratory, 1972.
J. G. Kemeny, “Theory of self-reproducing automata. john von neumann. edited by arthur w. burks. university of illinois press, urbana, 1966. 408 pp., illus. 10,” 1967.
Creeper. https://www.wikipedia.org/wiki/Creeper-(program), 2019.
F. Cohen, Computer viruses. PhD thesis, University of Southern California Doctoral dissertation, 1986.
F. Cohen, “Computer viruses: theory and experiments,” Computers & security, vol. 6, no. 1, pp. 22–35, 1987.
E. Messmer, “Tech talk: Where’d it come from, anyway?,” Pc World: Business Cen, 2008.
retaildive. https://www.retaildive.com/ex/mobilecommercedaily/a-brief-history-of-mobile-malware, 2019.
malware. https://www.wikipedia.org/wiki/Mobile-malware, 2019.
cybersecurity.att. https://cybersecurity.att.com/blogs/labs-research/analysis-of-trojan-sms.androidos.fakeplayer.a, 2019.
J. E. Canavan, Fundamentals of network security. Artech House, 2001.
S. Bahtiyar, “Anatomy of targeted attacks with smart malware,” Security and Communication Networks, vol. 9, no. 18, pp. 6215–6226, 2016.
M. La Polla, F. Martinelli, and D. Sgandurra, “A survey on security for mobile devices,” IEEE communications surveys & tutorials, vol. 15, no. 1, pp. 446–471, 2012.
f secure. https://www.f-secure.com/v-descs/brador.shtml, 2019.
welivesecurity. https://www.welivesecurity.com/2019/07/29/android-ransomware-back/, 2019.
blog.trendmicro. http://blog.trendmicro.com/trendlabs-security-intelligence/hackingteam-rcsandroid-spying-tool-listens-to-calls-roots-devices-to-get-in/, 2019.
Y. Fratantonio, A. Bianchi, W. Robertson, E. Kirda, C. Kruegel, and G. Vigna, “Triggerscope: Towards detecting logic bombs in android applications,” in 2016 IEEE symposium on security and privacy (SP), pp. 377–396, IEEE, 2016.
G. Hoglund and J. Butler, Rootkits: subverting the Windows kernel. Addison-Wesley Professional, 2006.
Google. https://www.wikipedia.org/wiki/Google-Play, 2019.
blog.checkpoint. https://blog.checkpoint.com/2016/07/01/from-hummingbad-to-worse-new-in-depth-details-and-analysis-of-the-hummingbad-andriod-malware-campaign/, 2019.
bleepingcomputer. https://www.bleepingcomputer.com/news/security/new-mysterybot-android-malware-packs-a-banking-trojan-keylogger-and-ransomware/, 2019.
zdnet. https://www.zdnet.com/article/the-ultimate-guide-to-finding-and-killing-spyware-and-stalkerware/, 2019.
B. C. Brown, How to Stop E-mail Spam, Spyware, Malware, Computer Viruses, and Hackers from Ruining Your Computer Or Network: The Complete Guide for Your Home and Work. Atlantic Publishing Company, 2010.
Q. Hu and T. Dinev, “Is spyware an internet nuisance or public menace?,” Communications of the ACM, vol. 48, no. 8, pp. 61–66, 2005.
gadgets.ndtv. https://gadgets.ndtv.com/apps/news/17-android-apps-google-play-store-adware-discovered-bitdefender-2164911, 2019.
nakedsecurity.sophos. https://nakedsecurity.sophos.com/2013/05/31/android-malware-in-pictures-a-blow-by-blow-account-of-mobile-scareware/, 2019.
X. Luo and Q. Liao, “Awareness education as the key to ransomware prevention,” Information Systems Security, vol. 16, no. 4, pp. 195–202, 2007.
economictimes.indiatimes. https://economictimes.indiatimes.com/tech/internet/cognizant-hit-by-maze-ransomware-attack/articleshow/75228505.cms, 2019.
tripwire. https://www.tripwire.com/state-of-security/security-data-protection/3-malware-trends/, 2019.
itproportal. https://www.itproportal.com/features/new-types-of-android-ransomware/, 2019.
A. Pastor, A. Mozo, S. Vakaruk, D. Canavese, D. R. López, L. Regano, S. Gómez-Canaval, and A. Lioy, “Detection of encrypted cryptomining malware connections with machine and deep learning,” IEEE Access, vol. 8, pp. 158036–158055, 2020.
techradar. https://www.techradar.com/in/news/android-banking-botnet-targets-thousands, 2019.
wired. https://www.wired.com/story/google-android-chamois-botnet/, 2019.
first-twitter controlled. https://www.welivesecurity.com/2016/08/24/first-twitter-controlled-android-botnet-discovered/, 2019.
S. Kumar, “An emerging threat fileless malware: a survey and research challenges,” Cybersecurity, vol. 3, no. 1, pp. 1–12, 2020.
S. Mansfield-Devine, “Fileless attacks: compromising targets without malware,” Network Security, vol. 2017, no. 4, pp. 7–11, 2017.
security awareness. https://www.tripwire.com/state-of-security/security-awareness/fileless-malware-stop/, 2019.
security technology. https://www.trendmicro.com/vinfo/in/security/news/security-technology/how-can-advanced-sandboxing-techniques-thwart-elusive-malware, 2019.
comparitech. https://www.comparitech.com/blog/information-security/fileless-malware-attacks/, 2019.
A. Balakrishnan and C. Schulze, “Code obfuscation literature survey,” CS701 Construction of compilers, vol. 19, 2005.
M. Lindorfer, M. Neugschwandtner, and C. Platzer, “Marvin: Efficient and comprehensive mobile app classification through static and dynamic analysis,” in 2015 IEEE 39th annual computer software and applications conference, vol. 2, pp. 422–433, IEEE, 2015.
M. Christodorescu and S. Jha, “Testing malware detectors,” ACM SIGSOFT Software Engineering Notes, vol. 29, no. 4, pp. 34–44, 2004.
developer.android. https://developer.android.com/guide/components/fundamentals, 2019.
H. Wang, J. Si, H. Li, and Y. Guo, “Rmvdroid: towards a reliable android malware dataset with app metadata,” in 2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR), pp. 404–408, IEEE, 2019.
K. Allix, T. F. Bissyandé, J. Klein, and Y. Le Traon, “Androzoo: Collecting millions of android apps for the research community,” in 2016 IEEE/ACM 13th Working Conference on Mining Software Repositories (MSR), pp. 468–471, IEEE, 2016.
f droid.org. https://f-droid.org/en/, 2019.
appsapk. http://www.appsapk.com/, 2019.
apkpure. https://apkpure.com/, 2019.
L. Taheri, A. F. A. Kadir, and A. H. Lashkari, “Extensible android malware detection and family classification using network-flows and api-calls,” in 2019 International Carnahan Conference on Security Technology (ICCST), pp. 1–8, IEEE, 2019.
Y. Li, J. Jang, X. Hu, and X. Ou, “Android malware clustering through malicious payload mining,” in International Symposium on Research in Attacks, Intrusions, and Defenses, pp. 192–214, Springer, 2017.
A. H. Lashkari, A. F. A. Kadir, L. Taheri, and A. A. Ghorbani, “Toward developing a systematic approach to generate benchmark android malware datasets and classification,” in 2018 International Carnahan Conference on Security Technology (ICCST), pp. 1–7, IEEE, 2018.
A. H. Lashkari, A. F. A. Kadir, H. Gonzalez, K. F. Mbah, and A. A. Ghorbani, “Towards a network-based framework for android malware detection and characterization,” in 2017 15th Annual Conference on Privacy, Security and Trust (PST), pp. 233–23309, IEEE, 2017.
A. F. A. Kadir, N. Stakhanova, and A. A. Ghorbani, “Android botnets: What urls are telling us,” in International Conference on Network and System Security, pp. 78–91, Springer, 2015.
D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, K. Rieck, and C. Siemens, “Drebin: Effective and explainable detection of android malware in your pocket.,” in Ndss, vol. 14, pp. 23–26, 2014.
contagiominidump. http://contagiominidump.blogspot.com/s, 2019.
code. https://code.google.com/p/androguard/, 2019.
ibotpeaches. https://ibotpeaches.github.io/Apktool/, 2019.
code.google. https://code.google.com/p/dex2jar, 2019.
radare. http://radare.org/y/?p=download, 2019.
dexter. http://dexter.dexlabs.org/, 2019.
hex rays. https://www.hex-rays.com/wp-content/uploads/2019/12/debugging-dalvik.pdf, 2019.
remnux. https://remnux.org/, 2019.
redmine. http://redmine.honeynet.org/projects/are/wiki, 2019.
developer. http://developer.android.com/tools/help/proguard.html, 2019.
saikoa. http://www.saikoa.com/dexguard, 2019.
dexprotector. http://dexprotector.com/, 2019.
W. Wang, X. Wang, D. Feng, J. Liu, Z. Han, and X. Zhang, “Exploring permission-induced risk in android applications for malicious application detection,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 11, pp. 1869–1882, 2014.
X. Liu and J. Liu, “A two-layered permission-based android malware detection scheme,” in 2014 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering, pp. 142–148, IEEE, 2014.
D.-J. Wu, C.-H. Mao, T.-E. Wei, H.-M. Lee, and K.-P. Wu, “Droidmat: Android malware detection through manifest and api calls tracing,” in 2012 Seventh Asia Joint Conference on Information Security, pp. 62–69, IEEE, 2012.
Y. Shao, X. Luo, C. Qian, P. Zhu, and L. Zhang, “Towards a scalable resource-driven approach for detecting repackaged android applications,” in Proceedings of the 30th Annual Computer Security Applications Conference, pp. 56–65, 2014.
J. Song, C. Han, K. Wang, J. Zhao, R. Ranjan, and L. Wang, “An integrated static detection and analysis framework for android,” Pervasive and Mobile Computing, vol. 32, pp. 15–25, 2016.
A. Feizollah, N. B. Anuar, R. Salleh, G. Suarez-Tangil, and S. Furnell, “Androdialysis: Analysis of android intent effectiveness in malware detection,” computers & security, vol. 65, pp. 121–134, 2017.
F. Idrees, M. Rajarajan, M. Conti, T. M. Chen, and Y. Rahulamathavan, “Pindroid: A novel android malware detection system using ensemble learning methods,” Computers & Security, vol. 68, pp. 36–46, 2017.
D. Maiorca, F. Mercaldo, G. Giacinto, C. A. Visaggio, and F. Martinelli, “R-packdroid: Api package-based characterization and detection of mobile ransomware,” in Proceedings of the symposium on applied computing, pp. 1718–1723, 2017.
G. Meng, Y. Xue, Z. Xu, Y. Liu, J. Zhang, and A. Narayanan, “Semantic modelling of android malware for effective malware comprehension, detection, and classification,” in Proceedings of the 25th International Symposium on Software Testing and Analysis, pp. 306–317, 2016.
K. Zhao, D. Zhang, X. Su, and W. Li, “Fest: A feature extraction and selection tool for android malware detection,” in 2015 IEEE symposium on computers and communication (ISCC), pp. 714–720, IEEE, 2015.
S. Hahn, M. Protsenko, and T. Müller, “Comparative evaluation of machine learning-based malware detection on android.,” Sicherheit 2016-Sicherheit, Schutz und Zuverlässigkeit, 2016.
M. R. Amin, M. Zaman, M. S. Hossain, and M. Atiquzzaman, “Behavioral malware detection approaches for android,” in 2016 IEEE International Conference on Communications (ICC), pp. 1–6, IEEE, 2016.
G. Canfora, A. De Lorenzo, E. Medvet, F. Mercaldo, and C. A. Visaggio, “Effectiveness of opcode ngrams for detection of multi family android malware,” in 2015 10th International Conference on Availability, Reliability and Security, pp. 333–340, IEEE, 2015.
D. Su, W. Wang, X. Wang, and J. Liu, “Anomadroid: Profiling android applications’ behaviors for identifying unknown malapps,” in 2016 IEEE Trustcom/BigDataSE/ISPA, pp. 691–698, IEEE, 2016.
S. Bhandari, R. Gupta, V. Laxmi, M. S. Gaur, A. Zemmari, and M. Anikeev, “Draco: Droid analyst combo an android malware analysis framework,” in Proceedings of the 8th International Conference on Security of Information and Networks, pp. 283–289, 2015.
K.-H.-T. Dam and T. Touili, “Learning android malware,” in Proceedings of the 12th International Conference on Availability, Reliability and Security, pp. 1–9, 2017.
M. Zhang, Y. Duan, H. Yin, and Z. Zhao, “Semantics-aware android malware classification using weighted contextual api dependency graphs,” in Proceedings of the 2014 ACM SIGSAC conference on computer and communications security, pp. 1105–1116, 2014.
Y. Zhou, Z. Wang, W. Zhou, and X. Jiang, “Hey you get off of my market: detecting malicious apps in official and alternative android markets,” in NDSS, vol. 25, pp. 50–52, 2012.
K. Chen, P. Liu, and Y. Zhang, “Achieving accuracy and scalability simultaneously in detecting application clones on android markets,” in Proceedings of the 36th International Conference on Software Engineering, pp. 175–186, 2014.
T. Chen, Q. Mao, Y. Yang, M. Lv, and J. Zhu, “Tinydroid: a lightweight and efficient model for android malware detection and classification,” Mobile Information Systems, vol. 2018, 2018.
G. Suarez-Tangil, S. K. Dash, M. Ahmadi, J. Kinder, G. Giacinto, and L. Cavallaro, “Droidsieve: Fast and accurate classification of obfuscated android malware,” in Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 309–320, 2017.
H. Gonzalez, N. Stakhanova, and A. A. Ghorbani, “Droidkin: Lightweight detection of android apps similarity,” in International Conference on Security and Privacy in Communication Networks, pp. 436–453, Springer, 2014.
M. Ahmadi, A. Sotgiu, and G. Giacinto, “Intelliav: Building an effective on-device android malware detector,” arXiv preprint arXiv:1802.01185, 2018.
N. Islam, S. Das, and Y. Chen, “On-device mobile phone security exploits machine learning,” IEEE Pervasive Computing, vol. 16, no. 2, pp. 92–96, 2017.
W. Hu and Y. Tan, “Generating adversarial malware examples for black-box attacks based on gan,” arXiv preprint arXiv:1702.05983, 2017.
C. Collberg, C. Thomborson, and D. Low, “A taxonomy of obfuscating transformations,” 1997.
P. Graux, J.-F. Lalande, and V. V. T. Tong, “Obfuscated android application development,” in Proceedings of the Third Central European Cybersecurity Conference, pp. 1–6, 2019.
D. Lowd and C. Meek, “Adversarial learning,” in Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining, pp. 641–647, 2005.
L. Huang, A. D. Joseph, B. Nelson, B. I. Rubinstein, and J. D. Tygar, “Adversarial machine learning,” in Proceedings of the 4th ACM workshop on Security and artificial intelligence, pp. 43–58, 2011.
N. Papernot, P. McDaniel, A. Sinha, and M. Wellman, “Towards the science of security and privacy in machine learning,” arXiv preprint arXiv:1611.03814, 2016.
N. Papernot, P. McDaniel, S. Jha, M. Fredrikson, Z. B. Celik, and A. Swami, “The limitations of deep learning in adversarial settings,” in 2016 IEEE European symposium on security and privacy (Euro S and P), pp. 372–387, IEEE, 2016.
O. Suciu, S. E. Coull, and J. Johns, “Exploring adversarial examples in malware detection,” in 2019 IEEE Security and Privacy Workshops (SPW), pp. 8–14, IEEE, 2019.
K. Grosse, N. Papernot, P. Manoharan, M. Backes, and P. McDaniel, “Adversarial examples for malware detection,” in European Symposium on Research in Computer Security, pp. 62–79, Springer, 2017.
gartner. https://www.gartner.com/en/documents/3899783, 2019.
S. Radack, “Federal information processing standard (fips) 199, standards for security categorization of federal information and information systems,” tech. rep., National Institute of Standards and Technology, 2004.
C. M. Bishop, Pattern recognition and machine learning. springer, 2006.
X. Chen, C. Li, D. Wang, S. Wen, J. Zhang, S. Nepal, Y. Xiang, and K. Ren, “Android hiv: A study of repackaging malware for evading machine-learning detection,” IEEE Transactions on Information Forensics and Security, vol. 15, pp. 987–1001, 2019.
A. S. Chivukula and W. Liu, “Adversarial deep learning models with multiple adversaries,” IEEE Transactions on Knowledge and Data Engineering, vol. 31, no. 6, pp. 1066–1079, 2018.
P. Samangouei, M. Kabkab, and R. Chellappa, “Defense-gan: Protecting classifiers against adversarial attacks using generative models,” arXiv preprint arXiv:1805.06605, 2018.
N. Carlini, Evaluation and design of robust neural network defenses. PhD thesis, UC Berkeley, 2018.
F. Liao, M. Liang, Y. Dong, T. Pang, X. Hu, and J. Zhu, “Defense against adversarial attacks using high-level representation guided denoiser,” in Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 1778–1787, 2018.
B. Biggio, B. Nelson, and P. Laskov, “Support vector machines under adversarial label noise,” in Asian conference on machine learning, pp. 97–112, 2011.
A. D. Joseph, P. Laskov, F. Roli, J. D. Tygar, and B. Nelson, “Machine learning methods for computer security (dagstuhl perspectives workshop 12371),” in Dagstuhl Manifestos, vol. 3, Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, 2013.
B. Biggio, B. Nelson, and P. Laskov, “Poisoning attacks against support vector machines,” arXiv preprint arXiv:1206.6389, 2012.
W. Stallings, Cryptography and network security, 4/E. Pearson Education India, 2006.
F. Tramèr, F. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart, “Stealing machine learning models via prediction apis,” in 25th {
USENIX} Security Symposium ({USENIX}
Security 16), pp. 601–618, 2016.
M. Fredrikson, S. Jha, and T. Ristenpart, “Model inversion attacks that exploit confidence information and basic countermeasures,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1322–1333, 2015.
R. Shokri, M. Stronati, C. Song, and V. Shmatikov, “Membership inference attacks against machine learning models,” in 2017 IEEE Symposium on Security and Privacy (SP), pp. 3–18, IEEE, 2017.
B. Biggio, I. Corona, D. Maiorca, B. Nelson, N. Šrndić, P. Laskov, G. Giacinto, and F. Roli, “Evasion attacks against machine learning at test time,” in Joint European conference on machine learning and knowledge discovery in databases, pp. 387–402, Springer, 2013.
I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” arXiv preprint arXiv:1412.6572, 2014.
N. Papernot, P. McDaniel, I. Goodfellow, S. Jha, Z. B. Celik, and A. Swami, “Practical black-box attacks against machine learning,” in Proceedings of the 2017 ACM on Asia conference on computer and communications security, pp. 506–519, 2017.
P.-Y. Chen, H. Zhang, Y. Sharma, J. Yi, and C.-J. Hsieh, “Zoo: Zeroth order optimization based black-box attacks to deep neural networks without training substitute models,” in Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, pp. 15–26, 2017.
W. Xu, Y. Qi, and D. Evans, “Automatically evading classifiers,” in Proceedings of the 2016 network and distributed systems symposium, vol. 10, 2016.
W. Yang, D. Kong, T. Xie, and C. A. Gunter, “Malware detection in adversarial settings: Exploiting feature evolutions and confusions in android apps,” in Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 288–302, 2017.
P. Laskov et al., “Practical evasion of a learning-based classifier: A case study,” in 2014 IEEE symposium on security and privacy, pp. 197–211, IEEE, 2014.
B. Biggio, K. Rieck, D. Ariu, C. Wressnegger, I. Corona, G. Giacinto, and F. Roli, “Poisoning behavioral malware clustering,” in Proceedings of the 2014 workshop on artificial intelligent and security workshop, pp. 27–36, 2014.
I. Rosenberg, A. Shabtai, L. Rokach, and Y. Elovici, “Low resource black-box end-to-end attack against state of the art api call based malware classifiers,” arXiv preprint arXiv:1804.08778, 2018.
H. Dang, Y. Huang, and E.-C. Chang, “Evading classifiers by morphing in the dark,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 119–133, 2017.
L. Chen, S. Hou, and Y. Ye, “Securedroid: Enhancing security of machine learning-based detection against adversarial android malware attacks,” in Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 362–372, 2017.
Q. Wang, W. Guo, K. Zhang, A. G. Ororbia, X. Xing, X. Liu, and C. L. Giles, “Adversary resistant deep neural networks with an application to malware detection,” in Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1145–1153, 2017.
N. Papernot, P. McDaniel, X. Wu, S. Jha, and A. Swami, “Distillation as a defense to adversarial perturbations against deep neural networks,” in 2016 IEEE Symposium on Security and Privacy (SP), pp. 582–597, IEEE, 2016.
F. Tramèr, A. Kurakin, N. Papernot, I. Goodfellow, D. Boneh, and P. McDaniel, “Ensemble adversarial training: Attacks and defenses,” arXiv preprint arXiv:1705.07204, 2017.
B. Nelson, M. Barreno, F. J. Chi, A. D. Joseph, B. I. Rubinstein, U. Saini, C. A. Sutton, J. D. Tygar, and K. Xia, “Exploiting machine learning to subvert your spam filter.,” LEET, vol. 8, pp. 1–9, 2008.
D. Meng and H. Chen, “Magnet: a two-pronged defense against adversarial examples,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 135–147, 2017.
W. Xu, D. Evans, and Y. Qi, “Feature squeezing: Detecting adversarial examples in deep neural networks,” arXiv preprint arXiv:1704.01155, 2017.
T. Chakraborty, F. Pierazzi, and V. Subrahmanian, “Ec2: Ensemble clustering and classification for predicting android malware families,” IEEE Transactions on Dependable and Secure Computing, 2017.
Q. Wang, W. Guo, I. Ororbia, G. Alexander, X. Xing, L. Lin, C. L. Giles, X. Liu, P. Liu, and G. Xiong, “Using non-invertible data transformations to build adversarial-robust neural networks,” arXiv preprint arXiv:1610.01934, 2016.
L. Chen, Y. Ye, and T. Bourlai, “Adversarial machine learning in malware detection: Arms race between evasion attack and defense,” in 2017 European Intelligence and Security Informatics Conference (EISIC), pp. 99–106, IEEE, 2017.
A. Demontis, M. Melis, B. Biggio, D. Maiorca, D. Arp, K. Rieck, I. Corona, G. Giacinto, and F. Roli, “Yes, machine learning can be more secure! a case study on android malware detection,” IEEE Transactions on Dependable and Secure Computing, 2017.
F. Zhang, P. P. Chan, B. Biggio, D. S. Yeung, and F. Roli, “Adversarial feature selection against evasion attacks,” IEEE transactions on cybernetics, vol. 46, no. 3, pp. 766–777, 2015.
D. Li, Q. Li, Y. Ye, and S. Xu, “Enhancing robustness of deep neural networks against adversarial malware samples: Principles, framework, and aics’2019 challenge,” arXiv preprint arXiv:1812.08108, 2018.
J. W. Stokes, D. Wang, M. Marinescu, M. Marino, and B. Bussone, “Attack and defense of dynamic analysis-based, adversarial neural malware classification models,” arXiv preprint arXiv:1712.05919, 2017.
L. Tong, B. Li, C. Hajaj, C. Xiao, and Y. Vorobeychik, “A framework for validating models of evasion attacks on machine learning, with application to pdf malware detection,” arXiv preprint arXiv:1708.08327, 2017.
D. Lowd and C. Meek, “Good word attacks on statistical spam filters.,” in CEAS, vol. 2005, 2005.
D. Wagner and P. Soto, “Mimicry attacks on host-based intrusion detection systems,” in Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 255–264, 2002.
