Metamorphic Detection of Repackaged Malware (MET 2021)

Who

Shirish Singh, Gail Kaiser

Track

MET 2021

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Wed 2 Jun 2021 16:10 - 16:40 at MET Room - Session 3: Safety and Security and Simulation Chair(s): Xiaoyuan Xie

Abstract

Mobile malware detection systems are often vulnerable to evasion attacks, in which a malware developer manipulates a malware sample such that it is misclassified as benign. These samples are manipulated to hide some characteristics or adopt the properties of a different class by applying small but intentionally crafted perturbations. In this paper, we propose a novel mobile malware detection system, based on metamorphic testing principles, that can detect benign-looking evasive malware apps. The key idea is to expose the malicious nature of the apps by unraveling the evasive techniques employed by malware. We observed that evasive malware exhibit characteristics of benign apps, and by eliminating these features, the classifier can correctly detect the malware without compromising significantly on benign app detection. The training pipeline of our proposed system is much simpler than existing malware detection methods, as the network is trained end-to-end to jointly learn appropriate features and to perform classification. We train our model on 3.2 million apps collected from the AndroZoo dataset. We perform an extensive study on publicly available datasets and malware samples collected from the wild to show the effectiveness of the proposed technique. In particular, we show that our algorithm is capable of detecting repackaged malware with more than 94% accuracy.

Shirish Singh

Columbia University

United States

Gail Kaiser

Columbia University

United States

YT video

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Wed 2 Jun
Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

16:10 - 17:30	Session 3: Safety and Security and SimulationMET 2021 at MET Room Chair(s): Xiaoyuan Xie School of Computer Science, Wuhan University, China

16:10 30m Long-paper		Metamorphic Detection of Repackaged Malware MET 2021 Shirish Singh Columbia University, Gail Kaiser Columbia University Media Attached
16:40 20m Short-paper		Metamorphic Testing on the Continuum of Verification and Validation of Simulation Models MET 2021 M S Raunak National Institute of Standards and Technology, Megan Olsen Loyola University Maryland Media Attached
17:00 30m Long-paper		Metamorphic Testing for Image-based Calcium Imaging Analysis Pipelines MET 2021 Madeline Diep Fraunhofer USA CESE, Rohan Reddy Mekala Fraunhofer USA CESE, Ujjwal Ayyangar Fraunhofer USA CESE, Gudjon Magnusson Fraunhofer USA CESE, Adam Porter Fraunhofer USA CESE, Wolfgang Losert University of Maryland, Mikael Lindvall Fraunhofer USA CESE Media Attached

Information for Participants

Wed 2 Jun 2021 16:10 - 17:30 at MET Room - Session 3: Safety and Security and Simulation Chair(s): Xiaoyuan Xie

Info for room MET Room:

Go directly to this room on Clowdr