Experimental Study with Real-world Data for Android App Security Analysis using Machine Learning

Presentation pdf 1,015KB

Although Machine Learning (ML) based approaches have shown promise for Android malware detection, a set of critical challenges remain unaddressed. Some of those challenges arise in relation to proper evaluation of the detection approach while others are related to the design decisions of the same. In this paper, we systematically study the impact of these challenges as a set of research questions (i.e., hypotheses). We design an experimentation framework where we can reliably vary several parameters while evaluating ML-based Android malware detection approaches. The results from the experiments are then used to answer the research questions. Meanwhile, we also demonstrate the impact of some challenges on some existing ML-based approaches. The large (market-scale) dataset (benign and malicious apps) we use in the above experiments represents the real-world Android app security analysis scale. We envision this study to encourage the practice of employing a better evaluation strategy and better designs of future ML-based approaches for Android malware detection.

Author(s):

Sankardas Roy    
Bowling Green State University
United States

Jordan DeLoach    
Kansas State University
United States

Yuping Li    
University of South Florida
United States

Doina Caragea    
Kansas State University
United States

Xinming Ou    
University of South Florida
United States

Nicolae Herndon    
Kansas State University
United States

Venkatesh Ranganath    
Kansas State University
United States

HongMin Li    
Kansas State University
United States

Nicolais Guevara    
Kansas State University
United States