Research Article
On the Application of Active Learning to Handle Data Evolution in Android Malware Detection
@INPROCEEDINGS{10.1007/978-3-031-36574-4_15, author={Alejandro Guerra-Manzanares and Hayretdin Bahsi}, title={On the Application of Active Learning to Handle Data Evolution in Android Malware Detection}, proceedings={Digital Forensics and Cyber Crime. 13th EAI International Conference, ICDF2C 2022, Boston, MA, November 16-18, 2022, Proceedings}, proceedings_a={ICDF2C}, year={2023}, month={7}, keywords={mobile malware Android malware detection active learning concept drift data evolution}, doi={10.1007/978-3-031-36574-4_15} }- Alejandro Guerra-Manzanares
Hayretdin Bahsi
Year: 2023
On the Application of Active Learning to Handle Data Evolution in Android Malware Detection
ICDF2C
Springer
DOI: 10.1007/978-3-031-36574-4_15
Abstract
Mobile malware detection remains a significant challenge in the rapidly evolving cyber threat landscape. Although the research about the application of machine learning methods to this problem has provided promising results, still, maintaining continued success at detecting malware in operational environments depends on holistically solving challenges regarding the feature variations of malware apps that occur over time and the high costs associated with data labeling. The present study explores the adaptation of the active learning approach for inducing detection models in a non-stationary setting and shows that this approach provides high detection performance with a minimal set of labeled data for a long time when the uncertainty-based sampling strategy is applied. The models that are induced using dynamic, static and hybrid features of mobile malware are compared against baseline approaches. Although active learning has been adapted to many problem domains, it has not been explored in mobile malware detection extensively, especially for non-stationary settings.
