Empirical evaluation of minority oversampling techniques in the context of Android malware detection
In Android malware classification, the distribution of training data among classes is often imbalanced. This causes the learning algorithm to bias towards the dominant classes, resulting in mis-classification of minority classes. One effective way to improve the performance of classifiers is the syn...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2021
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/6852 https://ink.library.smu.edu.sg/context/sis_research/article/7855/viewcontent/Smote_2021.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-7855 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-78552022-05-10T05:07:37Z Empirical evaluation of minority oversampling techniques in the context of Android malware detection SHAR, Lwin Khin TA, Nguyen Binh Duong LO, David In Android malware classification, the distribution of training data among classes is often imbalanced. This causes the learning algorithm to bias towards the dominant classes, resulting in mis-classification of minority classes. One effective way to improve the performance of classifiers is the synthetic generation of minority instances. One pioneer technique in this area is Synthetic Minority Oversampling Technique (SMOTE) and since its publication in 2002, several variants of SMOTE have been proposed and evaluated on various imbalanced datasets. However, these techniques have not been evaluated in the context of Android malware detection. Studies have shown that the performance of SMOTE and its variants can vary across different application domains. In this paper, we conduct a large scale empirical evaluation of SMOTE and its variants on six different datasets that reflect six types of features commonly used in Android malware detection. The datasets are extracted from a benchmark of 4,572 benign apps and 2,399 malicious Android apps, used in our previous study. Through extensive experiments, we set a new baseline in the field of Android malware detection, and provide guidance to practitioners on the application of different SMOTE variants to Android malware detection. 2021-12-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/6852 info:doi/10.1109/APSEC53868.2021.00042 https://ink.library.smu.edu.sg/context/sis_research/article/7855/viewcontent/Smote_2021.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Malware detection Oversampling Imbalanced learning SMOTE SMOTE variants Android malware Databases and Information Systems Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Malware detection Oversampling Imbalanced learning SMOTE SMOTE variants Android malware Databases and Information Systems Software Engineering |
| spellingShingle |
Malware detection Oversampling Imbalanced learning SMOTE SMOTE variants Android malware Databases and Information Systems Software Engineering SHAR, Lwin Khin TA, Nguyen Binh Duong LO, David Empirical evaluation of minority oversampling techniques in the context of Android malware detection |
| description |
In Android malware classification, the distribution of training data among classes is often imbalanced. This causes the learning algorithm to bias towards the dominant classes, resulting in mis-classification of minority classes. One effective way to improve the performance of classifiers is the synthetic generation of minority instances. One pioneer technique in this area is Synthetic Minority Oversampling Technique (SMOTE) and since its publication in 2002, several variants of SMOTE have been proposed and evaluated on various imbalanced datasets. However, these techniques have not been evaluated in the context of Android malware detection. Studies have shown that the performance of SMOTE and its variants can vary across different application domains. In this paper, we conduct a large scale empirical evaluation of SMOTE and its variants on six different datasets that reflect six types of features commonly used in Android malware detection. The datasets are extracted from a benchmark of 4,572 benign apps and 2,399 malicious Android apps, used in our previous study. Through extensive experiments, we set a new baseline in the field of Android malware detection, and provide guidance to practitioners on the application of different SMOTE variants to Android malware detection. |
| format |
text |
| author |
SHAR, Lwin Khin TA, Nguyen Binh Duong LO, David |
| author_facet |
SHAR, Lwin Khin TA, Nguyen Binh Duong LO, David |
| author_sort |
SHAR, Lwin Khin |
| title |
Empirical evaluation of minority oversampling techniques in the context of Android malware detection |
| title_short |
Empirical evaluation of minority oversampling techniques in the context of Android malware detection |
| title_full |
Empirical evaluation of minority oversampling techniques in the context of Android malware detection |
| title_fullStr |
Empirical evaluation of minority oversampling techniques in the context of Android malware detection |
| title_full_unstemmed |
Empirical evaluation of minority oversampling techniques in the context of Android malware detection |
| title_sort |
empirical evaluation of minority oversampling techniques in the context of android malware detection |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2021 |
| url |
https://ink.library.smu.edu.sg/sis_research/6852 https://ink.library.smu.edu.sg/context/sis_research/article/7855/viewcontent/Smote_2021.pdf |
| _version_ |
1770576107259559936 |