Interpretable Android Malware Detection Based on Dynamic Analysis
Arunab Singh, Maryam Tanha, Yashsvi Girdhar, Aaron Hunter
2024
Abstract
Android has emerged as the dominant operating system for smart devices, which has consequently led to the proliferation of Android malware. In response to this, different analysis methods have been suggested for the identification of Android malware. In this paper, we focus on so-called dynamic analysis, in which we run applications and monitor their behaviour at run-time rather analyzing the source code and resources (which is called static analysis). One approach to dynamic analysis is to use machine learning methods to identify malware; essentially we run a large set of applications that may or may not be malware, and we learn how to tell them apart. While this approach has been successfully applied, both academic and industrial stakeholders exhibit a stronger interest in comprehending the rationale behind the classification of apps as malicious. This falls under the domain of interpretable machine learning, with a specific focus on the research field of mobile malware detection. To fill this gap, we propose an explainable ML-based dynamic analysis framework for Android malware. Our approach provides explanations for the classification results by indicating the features that are contributing the most to the detection result. The quality of explanations are assessed using stability metrics.
DownloadPaper Citation
in Harvard Style
Singh A., Tanha M., Girdhar Y. and Hunter A. (2024). Interpretable Android Malware Detection Based on Dynamic Analysis. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 195-202. DOI: 10.5220/0012415800003648
in Bibtex Style
@conference{icissp24,
author={Arunab Singh and Maryam Tanha and Yashsvi Girdhar and Aaron Hunter},
title={Interpretable Android Malware Detection Based on Dynamic Analysis},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={195-202},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012415800003648},
isbn={978-989-758-683-5},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Interpretable Android Malware Detection Based on Dynamic Analysis
SN - 978-989-758-683-5
AU - Singh A.
AU - Tanha M.
AU - Girdhar Y.
AU - Hunter A.
PY - 2024
SP - 195
EP - 202
DO - 10.5220/0012415800003648
PB - SciTePress