Meta-learning for multi-family Android malware classification
With the emergence of smartphones, Android has become a widely used mobile operating system. However, it is vulnerable when encountering various types of attacks. Every day, new malware threatens the security of users' devices and private data. Many methods have been proposed to classify malici...
Saved in:
Main Authors: | , , , , , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2024
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/9429 https://ink.library.smu.edu.sg/context/sis_research/article/10429/viewcontent/3664806_pvoa_cc_by.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-10429 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-104292024-10-25T08:34:06Z Meta-learning for multi-family Android malware classification LI, Yao YUAN, Dawei ZHANG, Tao CAI, Haipeng LO, David GAO, Cuiyun LUO, Xiapu JIANG, He With the emergence of smartphones, Android has become a widely used mobile operating system. However, it is vulnerable when encountering various types of attacks. Every day, new malware threatens the security of users' devices and private data. Many methods have been proposed to classify malicious applications, utilizing static or dynamic analysis for classification. However, previous methods still suffer from unsatisfactory performance due to two challenges. First, they are unable to address the imbalanced data distribution problem, leading to poor performance for malware families with few members. Second, they are unable to address the zero-day malware (zero-day malware refers to malicious applications that exploit unknown vulnerabilities) classification problem. In this article, we introduce an innovative meta-learning approach for multi-family Android malware classification named Meta-MAMC, which uses meta-learning technology to learn meta-knowledge (i.e., the similarities and differences among different malware families) of few-family samples and combines new sampling algorithms to solve the above challenges. Meta-MAMC integrates (i) the meta-knowledge contained within the dataset to guide models in learning to identify unknown malware; and (ii) more accurate and diverse tasks based on novel sampling strategies, as well as directly adapting metalearning to a new few-sample and zero-sample task to classify families. We have evaluated Meta-MAMC on two popular datasets and a corpus of real-world Android applications. The results demonstrate its efficacy in accurately classifying malicious applications belonging to certain malware families, even achieving 100% classification in some families. 2024-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/9429 info:doi/10.1145/3664806 https://ink.library.smu.edu.sg/context/sis_research/article/10429/viewcontent/3664806_pvoa_cc_by.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Android malware family meta-learning classification Information Security Software Engineering |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Android malware family meta-learning classification Information Security Software Engineering |
spellingShingle |
Android malware family meta-learning classification Information Security Software Engineering LI, Yao YUAN, Dawei ZHANG, Tao CAI, Haipeng LO, David GAO, Cuiyun LUO, Xiapu JIANG, He Meta-learning for multi-family Android malware classification |
description |
With the emergence of smartphones, Android has become a widely used mobile operating system. However, it is vulnerable when encountering various types of attacks. Every day, new malware threatens the security of users' devices and private data. Many methods have been proposed to classify malicious applications, utilizing static or dynamic analysis for classification. However, previous methods still suffer from unsatisfactory performance due to two challenges. First, they are unable to address the imbalanced data distribution problem, leading to poor performance for malware families with few members. Second, they are unable to address the zero-day malware (zero-day malware refers to malicious applications that exploit unknown vulnerabilities) classification problem. In this article, we introduce an innovative meta-learning approach for multi-family Android malware classification named Meta-MAMC, which uses meta-learning technology to learn meta-knowledge (i.e., the similarities and differences among different malware families) of few-family samples and combines new sampling algorithms to solve the above challenges. Meta-MAMC integrates (i) the meta-knowledge contained within the dataset to guide models in learning to identify unknown malware; and (ii) more accurate and diverse tasks based on novel sampling strategies, as well as directly adapting metalearning to a new few-sample and zero-sample task to classify families. We have evaluated Meta-MAMC on two popular datasets and a corpus of real-world Android applications. The results demonstrate its efficacy in accurately classifying malicious applications belonging to certain malware families, even achieving 100% classification in some families. |
format |
text |
author |
LI, Yao YUAN, Dawei ZHANG, Tao CAI, Haipeng LO, David GAO, Cuiyun LUO, Xiapu JIANG, He |
author_facet |
LI, Yao YUAN, Dawei ZHANG, Tao CAI, Haipeng LO, David GAO, Cuiyun LUO, Xiapu JIANG, He |
author_sort |
LI, Yao |
title |
Meta-learning for multi-family Android malware classification |
title_short |
Meta-learning for multi-family Android malware classification |
title_full |
Meta-learning for multi-family Android malware classification |
title_fullStr |
Meta-learning for multi-family Android malware classification |
title_full_unstemmed |
Meta-learning for multi-family Android malware classification |
title_sort |
meta-learning for multi-family android malware classification |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2024 |
url |
https://ink.library.smu.edu.sg/sis_research/9429 https://ink.library.smu.edu.sg/context/sis_research/article/10429/viewcontent/3664806_pvoa_cc_by.pdf |
_version_ |
1814777849232490496 |