DroidEye: Fortifying Security of Learning-based Classifier against Adversarial Android Malware Attacks

To combat the evolving Android malware attacks, systems using machine learning techniques have been successfully deployed for Android malware detection. In these systems, based on different feature representations, various kinds of classifiers are constructed to detect Android malware. Unfortunately, as classifiers become more widely deployed, the incentive for defeating them increases. In this paper, we first extract a set of features from the Android applications (apps) and represent them as binary feature vectors; with these inputs, we then explore the security of a generic learning-based classifier for Android malware detection in the presence of adversaries. To harden the evasion, we first present count featurization to transform the binary feature space into continuous probabilities encoding the distribution in each class (either benign or malicious). To improve the system security while not compromising the detection accuracy, we further introduce softmax function with adversarial parameter to find the best trade-off between security and accuracy for the classifier. Accordingly, we develop a system named DroidEye which integrates our proposed method for Android malware detection. Comprehensive experiments on the real sample collection from Comodo Cloud Security Center are conducted to validate the effectiveness of DroidEye against adversarial Android malware attacks. Our proposed secure-learning paradigm is also applicable for other detection tasks, such as spammer detection in social media.