To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically-sound tool for malware detection. However, its security against well-crafted attacks has not only been recently questioned, but it has been shown that machine learning exhibits inherent vulnerabilities that can be exploited to evade detection at test time. In other words, machine learning itself can be the weakest link in a security system. In this paper, we rely upon a previously-proposed attack framework to categorize potential attack scenarios against learning-based malware detection tools, by modeling attackers with different skills and capabilities. We then define and implement a set of corresponding evasion attacks to thoroughly assess the security of Drebin, an Android malware detector. The main contribution of this work is the proposal of a simple and scalable secure-learning paradigm that mitigates the impact of evasion attacks, while only slightly worsening the detection rate in the absence of attack. We finally argue that our secure-learning approach can also be readily applied to other malware detection tasks

Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection

Demontis, Ambra
Primo
;
Melis, Marco;Biggio, Battista
;
Maiorca, Davide;Corona, Igino;Giacinto, Giorgio;Roli, Fabio
Ultimo
2019-01-01

Abstract

To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically-sound tool for malware detection. However, its security against well-crafted attacks has not only been recently questioned, but it has been shown that machine learning exhibits inherent vulnerabilities that can be exploited to evade detection at test time. In other words, machine learning itself can be the weakest link in a security system. In this paper, we rely upon a previously-proposed attack framework to categorize potential attack scenarios against learning-based malware detection tools, by modeling attackers with different skills and capabilities. We then define and implement a set of corresponding evasion attacks to thoroughly assess the security of Drebin, an Android malware detector. The main contribution of this work is the proposal of a simple and scalable secure-learning paradigm that mitigates the impact of evasion attacks, while only slightly worsening the detection rate in the absence of attack. We finally argue that our secure-learning approach can also be readily applied to other malware detection tasks
2019
Androids; Humanoid robots; Malware; Security; Feature extraction; Tools; Algorithm design and analysis; Android malware detection; static analysis; secure machine learning; computer security
File in questo prodotto:
File Dimensione Formato  
07917369.pdf

accesso aperto

Tipologia: versione post-print
Dimensione 7.59 MB
Formato Adobe PDF
7.59 MB Adobe PDF Visualizza/Apri
07917369.pdf

Solo gestori archivio

Descrizione: articolo
Tipologia: versione editoriale
Dimensione 1.01 MB
Formato Adobe PDF
1.01 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11584/234522
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 135
  • ???jsp.display-item.citation.isi??? 130
social impact