Available on ORBilu since
11 January 2023
Article (Scientific journals)
Assessing the opportunity of combining state-of-the-art Android malware detectors
Daoudi, Nadia; Allix, Kévin; Bissyande, Tegawendé François D Assise et al.
2022In Empirical Software Engineering, 28
Peer Reviewed verified by ORBi
 

Files


Full Text
Combination_of_SOTA_malware_detectors_preprint.pdf
Author preprint (1.52 MB)

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Android; Malware; Machine learning; Ensemble learning
Abstract :
[en] Research on Android malware detection based on Machine learning has been prolific in recent years. In this paper, we show, through a large-scale evaluation of four state-of-the-art approaches that their achieved performance fluctuates when applied to different datasets. Combining existing approaches appears as an appealing method to stabilise performance. We therefore proceed to empirically investigate the effect of such combinations on the overall detection performance. In our study, we evaluated 22 methods to combine feature sets or predictions from the state-of-the-art approaches. Our results showed that no method has significantly enhanced the detection performance reported by the state-of-the-art malware detectors. Nevertheless, the performance achieved is on par with the best individual classifiers for all settings. Overall, we conduct extensive experiments on the opportunity to combine state-of-the-art detectors. Our main conclusion is that combining state-of-theart malware detectors leads to a stabilisation of the detection performance, and a research agenda on how they should be combined effectively is required to boost malware detection. All artefacts of our large-scale study (i.e., the dataset of ∼0.5 million apks and all extracted features) are made available for replicability.
Disciplines :
Computer science
Author, co-author :
Daoudi, Nadia ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
Allix, Kévin;  CentraleSupelec
Bissyande, Tegawendé François D Assise ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
Klein, Jacques ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
External co-authors :
yes
Language :
English
Title :
Assessing the opportunity of combining state-of-the-art Android malware detectors
Publication date :
December 2022
Journal title :
Empirical Software Engineering
ISSN :
1573-7616
Publisher :
Kluwer Academic Publishers, Netherlands
Volume :
28
Peer reviewed :
Peer Reviewed verified by ORBi
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR11693861 > Jacques Klein > CHARACTERIZE > Characterization Of Malicious Code In Mobile Apps: Towards Accurate And Explainable Malware Detection > 01/06/2018 > 31/12/2021 > 2017
Funders :
FNR - Fonds National de la Recherche
University of Luxembourg - UL
SPARTA
Luxembourg Ministry of Foreign and European Affairs

Statistics


Number of views
27 (4 by Unilu)
Number of downloads
95 (4 by Unilu)

Scopus citations®
 
1
Scopus citations®
without self-citations
0

Bibliography


Similar publications



Contact ORBilu