Machine Learning based Malware Detection in Android: There and Back Again!

Prof. Dr. Tegawendé F. Bissyandé

Abstract

Android malware are as old as Android itself. Research to detect them have rapidly been directed towards the use of machine learning to classify Android app samples. The literature in this domain has been prolific in the pas decade with various works claiming high detection scores. The reality, however, remains that the industry has not massively adopted these literature approaches for automatically vetting Android apps. In several empirical studies, we have shown that (1) features for malware classification can be trivial to identify, but (2) experimental scenarios in the lab are offering a biased perspective on actual performance. We have finally identified the key problem to tackle in perspective by the community is the representation of Android samples. In particular, we discuss the case of image-based representation, which despite being unorthodox for code, constitute a worthwhile investigation challenge in terms of practicality for malware detection and even localisation.

Short Bio

Prof. Dr. Tegawendé F. Bissyandé is a Chief Scientist (Professor) affiliated to the SnT Interdisciplinary Centre for Security, Reliability and Trust of the University of Luxembourg. He received his PhD in Computer Science from the University of Bordeaux (France) in 2013 after earning an engineering degree in Telecommunication in 2009. He is currently an ERC Starting Grant holder on natural program repair and head of the Trustworthy Software Engineering (TruX) Research Group at SnT where his research interests span across several topics, including mainly: (1) program repair; (2) software security, i.e., mobile static security analysis, vulnerability detection and malware detection; (3) software analytics, i.e., code search, clone detection and repository mining. Prof. Bissyandé’s research is funded through several research grants as well as by prominent industry partners. He has published over 70 research papers in computer science and related topics in top-tier venues, including ACM/IEEE ICSE, IEEE/ACM ASE, IEEE ESEC/FSE, IEEE TSE, ACM TOPS, IEEE TIFS, ACM TOSEM, EMSE, KDD, etc. He has also served his research community as Program Committee member of several conferences, including ASE, ISSTA, ICSME, ICSE.