Understanding Model Weaknesses: A Path to Strengthening DNN-Based Android Malware Detection
This program is tentative and subject to change.
Android malware detection remains a critical challenge in cybersecurity research. Recent advancements leverage AI techniques, particularly deep neural networks (DNNs), to train a detection model, but their effectiveness is often compromised by the pronounced imbalance among malware families in commonly used training datasets. This imbalance leads to overfitting in dominant categories and poor performance in underrepresented ones, increasing predictive uncertainty for less common malware families. To address the suboptimal performance of many DNN models, we introduce MalTutor, a novel framework that enhances model robustness through an optimized training process. Our primary insight lies in transforming uncertainties from ‘‘liabilities’’ into ‘‘assets’’ by strategically incorporating them into DNN training methodologies. Specifically, we begin by evaluating the predictive uncertainty of DNN models throughout various training epochs, which guides our sample categorization. Incorporating Curriculum Learning strategies, we commence training with easy-to-learn samples with lower uncertainty, progressively incorporating difficult-to-learn ones with higher uncertainty. Our experimental results demonstrate that MalTutor significantly improves the performance of models trained on imbalanced datasets, increasing accuracy by 31.0%, elevating the F1 score by 138.8%, and specifically boosting the average accuracy in detecting various types of malicious apps by 133.9%. Our findings provide valuable insights into the potential benefits of incorporating uncertainty to improve the robustness of DNN models for prediction-oriented software engineering tasks.
This program is tentative and subject to change.
Wed 25 JunDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
16:00 - 17:30 | |||
16:00 25mTalk | Intention-based GUI Test Migration for Mobile Apps using Large Language Models Research Papers Shaoheng Cao Nanjing University, Minxue Pan Nanjing University, Yuanhong Lan Nanjing University, Xuandong Li Nanjing University | ||
16:25 25mTalk | GoPV: Detecting Blocking Concurrency Bugs Related to Shared-Memory Synchronization in Go Research Papers Wei Song Nanjing University of Science and Technology, Xiaofan Xu Nanjing University of Science and Technology, Jeff Huang Texas A&M University | ||
16:50 25mTalk | Understanding Model Weaknesses: A Path to Strengthening DNN-Based Android Malware Detection Research Papers haodong li Beijing University of Posts and Telecommunications, Xiao Cheng UNSW, Yanjie Zhao Huazhong University of Science and Technology, Guosheng Xu Beijing University of Posts and Telecommunications, Guoai Xu Harbin Institute of Technology, Shenzhen, Haoyu Wang Huazhong University of Science and Technology | ||
17:15 15mDemonstration | GoPV: A Static Analyzer for Finding Blocking Concurrency Bugs Due to Misuse of Shared-Memory Synchronization in Go Tool Demonstrations Xiaofan Xu Nanjing University of Science and Technology, Wei Song Nanjing University of Science and Technology, Jeff Huang Texas A&M University |