Abstract
As the most widely used OS on earth, Android is heavily targeted by malicious hackers. Though much work has been done on detecting Android malware, hackers are becoming increasingly adept at evading ML classifiers. We develop $\textsf {FARM}$ , a Feature transformation based A nd R oid M alware detector. $\textsf {FARM}$ takes well-known features for Android malware detection and introduces three new types of feature transformations that transform these features irreversibly into a new feature domain. We first test $\textsf {FARM}$ on 6 Android classification problems separating goodware and “other malware” from 3 classes of malware: rooting malware, spyware, and banking trojans. We show that $\textsf {FARM}$ beats standard baselines when no attacks occur. Though we cannot guess all possible attacks that an adversary might use, we propose three realistic attacks on $\textsf {FARM}$ and show that $\textsf {FARM}$ is very robust to these attacks in all classification problems. Additionally, $\textsf {FARM}$ has automatically identified two malware samples which were not previously classified as rooting malware by any of the 61 anti-viruses on VirusTotal. These samples were reported to Google’s Android Security Team who subsequently confirmed our findings.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IEEE Transactions on Information Forensics and Security
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
