TY - JOUR
T1 - Adversarial android malware detection for mobile multimedia applications in IoT environments
AU - Taheri, Rahim
AU - Javidan, Reza
AU - Pooranian, Zahra
N1 - Publisher Copyright:
© 2020, Springer Science+Business Media, LLC, part of Springer Nature.
PY - 2021/5/1
Y1 - 2021/5/1
N2 - In this paper, we propose two defense methods against adversarial attack to a malware detection system for mobile multimedia applications in IoT environments. They are Robust-NN and a combination of convolutional neural network and 1- nearest neighbors(C4N) which modify training data that has been poisoned by an adversarial attack. As a result, the trained machine learning model will be accurate and if the malicious program is entered by any IoT device, the model generates necessary alerts. We provide an explanation of the used attack method and the algorithms proposed to defend against this attack. In order to evaluate the suitability of the proposed defense methods, sufficient analysis is presented, i.e. Drebin, Contagio and Genome datasets which include benign and malware Android apps are applied to perform experiments. To confirm the effectiveness of the suggested defense algorithms, this paper compared their performance with two state-of-the-art defense algorithms used to detect adversarial samples, namely e2SAD and EAT. The experiments are performed on two types of API and Permission features from the mentioned datasets. The results confirm that accuracy rates of classification algorithms decrease to 40% after attack in some cases (related to Drebin dataset by reviewing API feature sets). Additionally, the accuracy rates increase to 94.94% and 96.03% by applying Robust-NN and C4N algorithms, respectively. Therefore, they are comparable with existing cutting-edge defense algorithms. Also, the adversarial attack increased the FPR to 45.81% which will be reduced to 4.84% and 4.15% using Robust-NN and C4N, respectively. Consequently, the proposed methods will be robust against adversarial attacks.
AB - In this paper, we propose two defense methods against adversarial attack to a malware detection system for mobile multimedia applications in IoT environments. They are Robust-NN and a combination of convolutional neural network and 1- nearest neighbors(C4N) which modify training data that has been poisoned by an adversarial attack. As a result, the trained machine learning model will be accurate and if the malicious program is entered by any IoT device, the model generates necessary alerts. We provide an explanation of the used attack method and the algorithms proposed to defend against this attack. In order to evaluate the suitability of the proposed defense methods, sufficient analysis is presented, i.e. Drebin, Contagio and Genome datasets which include benign and malware Android apps are applied to perform experiments. To confirm the effectiveness of the suggested defense algorithms, this paper compared their performance with two state-of-the-art defense algorithms used to detect adversarial samples, namely e2SAD and EAT. The experiments are performed on two types of API and Permission features from the mentioned datasets. The results confirm that accuracy rates of classification algorithms decrease to 40% after attack in some cases (related to Drebin dataset by reviewing API feature sets). Additionally, the accuracy rates increase to 94.94% and 96.03% by applying Robust-NN and C4N algorithms, respectively. Therefore, they are comparable with existing cutting-edge defense algorithms. Also, the adversarial attack increased the FPR to 45.81% which will be reduced to 4.84% and 4.15% using Robust-NN and C4N, respectively. Consequently, the proposed methods will be robust against adversarial attacks.
KW - Adversarial malware detection
KW - Deep learning
KW - IoT Environment
KW - IoT malware detection
KW - Perturbing training set
UR - http://www.scopus.com/inward/record.url?scp=85082806690&partnerID=8YFLogxK
U2 - 10.1007/s11042-020-08804-x
DO - 10.1007/s11042-020-08804-x
M3 - Article
AN - SCOPUS:85082806690
SN - 1380-7501
VL - 80
SP - 16713
EP - 16729
JO - Multimedia Tools and Applications
JF - Multimedia Tools and Applications
IS - 11
ER -