Skip to main content

RL-MAGE: Strengthening Malware Detectors Against Smart Adversaries

  • Conference paper
  • First Online:
Computational Science – ICCS 2023 (ICCS 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14074))

Included in the following conference series:

  • 686 Accesses

Abstract

Today, android dominates the smartphone operating systems market. As per Google, there are over 3 billion active android users. With such a large population depending on the platform for their daily activities, a strong need exists to protect android from adversaries. Historically, techniques like signature and behavior were used in malware detectors. However, machine learning and deep learning models have now started becoming a core part of next-generation android malware detectors. In this paper, we step into malware developers/adversary shoes and ask: Are machine learning based android detectors resilient to reinforcement learning based adversarial attacks? Therefore, we propose the RL-MAGE framework to investigate the adversarial robustness of android malware detectors. The RL-MAGE framework assumes the grey-box scenario and aims to improve the adversarial robustness of malware detectors. We designed three reinforcement learning based evasion attacks A2C-MEA, TRPO-MEA, and PPO-MEA, against malware detectors. We investigated the robustness of 30 malware detection models based on 2 features (android permission and intent) and 15 distinct classifiers from 4 different families (machine learning classifiers, bagging based classifiers, boosting based classifiers, and deep learning classifiers). The designed evasion attacks generate adversarial applications by adding perturbations into the malware so that they force misclassifications and can evade malware detectors. The attack agent ensures that the adversarial applications’ structural, syntactical, and behavioral integrity is preserved, and the attack’s cost is minimized by adding minimum perturbations. The proposed TRPO-MEA evasion attack achieved a mean evasion rate of \(93.27\%\) while reducing the mean accuracy of 30 malware detectors from \(85.81\%\) to \(50.29\%\). We also propose the ARShield defense strategy to improve the malware detectors’ classification performance and robustness. The TRPO-MEA ARShield models achieved \(4.10\%\) higher mean accuracy and reduced the mean evasion rate of re-attack from \(93.27\%\) to \(1.05\%\). Finally, we conclude that the RL-MAGE framework improved the detection performance and adversarial robustness of malware detectors.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. More than one billion Android devices at risk of malware threats. https://www.which.co.uk/news/article/more-than-one-billion-android-devices-at-risk-of-malware-threats-aXtug2P0ET0d

  2. Android Statistics (2023). https://www.businessofapps.com/data/android-statistics/

  3. Apktool (2023). https://ibotpeaches.github.io/Apktool/

  4. Google I/O (2023). https://io.google/2021/program/content/?lng=en

  5. Google Play Store (2023). https://play.google.com/store/

  6. VirusTotal (2023). https://www.virustotal.com/gui/home/upload

  7. Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket. In: Network and Distributed System Security Symposium (NDSS), vol. 14, pp. 23–26 (2014)

    Google Scholar 

  8. Bostani, H., Moonsamy, V.: Evadedroid: a practical evasion attack on ML for black-box android malware detection (2021). arXiv preprint arXiv:2110.03301

  9. Demetrio, L., Coull, S.E., Biggio, B., Lagorio, G., Armando, A., Roli, F.: Adversarial exemples: a survey and experimental evaluation of practical attacks on machine learning for windows malware detection. ACM Trans. Privacy Secur. (TOPS) 24(4), 1–31 (2021)

    Article  Google Scholar 

  10. Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.: Adversarial perturbations against deep neural networks for malware classification. arXiv preprint arXiv:1606.04435 (2016)

  11. Mnih, V., et al.: Asynchronous methods for deep reinforcement learning. In: International Conference on Machine Learning (ICML), pp. 1928–1937 (2016)

    Google Scholar 

  12. Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. In: IEEE European Symposium on Security and Privacy (IEEE EuroS &P), pp. 372–387. IEEE (2016)

    Google Scholar 

  13. Qiu, J., Zhang, J., Luo, W., Pan, L., Nepal, S., Xiang, Y.: A survey of android malware detection with deep neural models. ACM Comput. Surv. (CSUR) 53(6), 1–36 (2020)

    Article  Google Scholar 

  14. Rathore, H., Sahay, S.K., Nikam, P., Sewak, M.: Robust android malware detection system against adversarial attacks using q-learning. Inf. Syst. Front. 1–16 (2021)

    Google Scholar 

  15. Rathore, H., Sahay, S.K., Rajvanshi, R., Sewak, M.: Identification of significant permissions for efficient android malware detection. In: Gao, H., J. Durán Barroso, R., Shanchen, P., Li, R. (eds.) BROADNETS 2020. LNICST, vol. 355, pp. 33–52. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-68737-3_3

    Chapter  Google Scholar 

  16. Rathore, H., Samavedhi, A., Sahay, S.K., Sewak, M.: Robust malware detection models: learning from adversarial attacks and defenses. Forensic Sci. Int. Digit. Investig. 37, 301183 (2021)

    Article  Google Scholar 

  17. Schulman, J., Levine, S., Abbeel, P., Jordan, M., Moritz, P.: Trust region policy optimization. In: ICML, pp. 1889–1897 (2015)

    Google Scholar 

  18. Schulman, J., Wolski, F., Dhariwal, P., Radford, A., Klimov, O.: Proximal policy optimization algorithms. arXiv preprint arXiv:1707.06347 (2017)

  19. Sewak, M., Sahay, S.K., Rathore, H.: Deepintent: implicitintent based android ids with e2e deep learning architecture. In: IEEE 31st PIMRC, pp. 1–6. IEEE (2020)

    Google Scholar 

  20. Sewak, M., Sahay, S.K., Rathore, H.: Value-approximation based deep reinforcement learning techniques: an overview. In: 2020 IEEE 5th International Conference on Computing Communication and Automation (ICCCA), pp. 379–384. IEEE (2020)

    Google Scholar 

  21. Sewak, M., Sahay, S.K., Rathore, H.: DRLDO: a novel DRL based de-obfuscation system for defence against metamorphic malware. Def. Sci. J. 71(1), 55–65 (2021)

    Article  Google Scholar 

  22. Sinha, S., Saranya, S.: One pixel attack analysis using activation maps. Ann. Roman. Soc. Cell Biol. 8397–8404 (2021)

    Google Scholar 

  23. Taheri, R., Javidan, R., Shojafar, M., Vinod, P., Conti, M.: Can machine learning model with static features be fooled: an adversarial machine learning approach. Clust. Comput. 23(4), 3233–3253 (2020). https://doi.org/10.1007/s10586-020-03083-5

    Article  Google Scholar 

  24. Zhang, J., Zhang, C., Liu, X., Wang, Y., Diao, W., Guo, S.: ShadowDroid: practical black-box attack against ML-based android malware detection. In: International Conference on Parallel and Distributed Systems, pp. 629–636. IEEE (2021)

    Google Scholar 

Download references

Acknowledgement

One of the authors Dr. Sanjay K. Sahay is thankful to Data Security Council of India for financial support to work on the Android malware detection system.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Hemant Rathore .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Nandanwar, A., Rathore, H., Sahay, S.K., Sewak, M. (2023). RL-MAGE: Strengthening Malware Detectors Against Smart Adversaries. In: Mikyška, J., de Mulatier, C., Paszynski, M., Krzhizhanovskaya, V.V., Dongarra, J.J., Sloot, P.M. (eds) Computational Science – ICCS 2023. ICCS 2023. Lecture Notes in Computer Science, vol 14074. Springer, Cham. https://doi.org/10.1007/978-3-031-36021-3_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-36021-3_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-36020-6

  • Online ISBN: 978-3-031-36021-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics