Reference : Lessons Learnt on Reproducibility in Machine Learning Based Android Malware Detection
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/47296
English
Daoudi, Nadia [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX]
Allix, Kevin [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX]
Bissyande, Tegawendé François D Assise [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX]
Klein, Jacques [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX]
2021
Empirical Software Engineering
Springer
26
Yes (verified by ORBilu)
International
1382-3256
1573-7616
US
[en] Android malware detection ; Reproducibility ; Replicability ; Machine learning
[en] A well-known curse of computer security research is that it often produces systems that, while technically sound, fail operationally. To overcome this curse, the community generally seeks to assess proposed systems under a variety of settings in order to make explicit every potential bias. In this respect, recently, research achievements on machine learning based malware detection are being considered for thorough evaluation by the community. Such an effort of comprehensive evaluation supposes first and foremost the possibility to perform an independent reproduction study in order to sharpen evaluations presented by approaches’ authors. The question “Can published approaches actually be reproduced?” thus becomes paramount despite the little interest such mundane and practical aspects seem to attract in the malware detection field. In this paper, we attempt a complete reproduction of five Android Malware Detectors from the literature and discuss to what extent they are “reproducible”. Notably, we provide insights on the implications around the guesswork that may be required to finalise a working implementation. Finally, we discuss how barriers to reproduction could be lifted, and how the malware detection field would benefit from stronger reproducibility standards—like many various fields already have.
Fonds National de la Recherche - FnR ; University of Luxembourg - UL ; SPARTA ; Luxembourg Ministry of Foreign and European Affairs
Researchers
10.1007/s10664-021-09955-7
https://doi.org/10.1007/s10664-021-09955-7
FnR ; FNR11693861 > Jacques Klein > CHARACTERIZE > Characterization Of Malicious Code In Mobile Apps: Towards Accurate And Explainable Malware Detection > 01/06/2018 > 31/12/2021 > 2017

File(s) associated to this reference

Fulltext file(s):

File: Daoudi2021_Article_LessonsLearntOnReproducibility.pdf
Version: Publisher postprint
Size: 2.42 MB
Access: Open access


All documents in ORBilu are protected by a user license.