Article (Scientific journals)
Assessing the opportunity of combining state-of-the-art Android malware detectors
DAOUDI, Nadia; Allix, Kévin; BISSYANDE, Tegawendé François D Assise et al.
2022In Empirical Software Engineering, 28
Peer Reviewed verified by ORBi
 

Files


Full Text
Combination_of_SOTA_malware_detectors_preprint.pdf
Author preprint (1.52 MB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Android; Malware; Machine learning; Ensemble learning
Abstract :
[en] Research on Android malware detection based on Machine learning has been prolific in recent years. In this paper, we show, through a large-scale evaluation of four state-of-the-art approaches that their achieved performance fluctuates when applied to different datasets. Combining existing approaches appears as an appealing method to stabilise performance. We therefore proceed to empirically investigate the effect of such combinations on the overall detection performance. In our study, we evaluated 22 methods to combine feature sets or predictions from the state-of-the-art approaches. Our results showed that no method has significantly enhanced the detection performance reported by the state-of-the-art malware detectors. Nevertheless, the performance achieved is on par with the best individual classifiers for all settings. Overall, we conduct extensive experiments on the opportunity to combine state-of-the-art detectors. Our main conclusion is that combining state-of-theart malware detectors leads to a stabilisation of the detection performance, and a research agenda on how they should be combined effectively is required to boost malware detection. All artefacts of our large-scale study (i.e., the dataset of ∼0.5 million apks and all extracted features) are made available for replicability.
Disciplines :
Computer science
Author, co-author :
DAOUDI, Nadia ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
Allix, Kévin;  CentraleSupelec
BISSYANDE, Tegawendé François D Assise  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
KLEIN, Jacques ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > TruX
External co-authors :
yes
Language :
English
Title :
Assessing the opportunity of combining state-of-the-art Android malware detectors
Publication date :
December 2022
Journal title :
Empirical Software Engineering
ISSN :
1573-7616
Publisher :
Kluwer Academic Publishers, Netherlands
Volume :
28
Peer reviewed :
Peer Reviewed verified by ORBi
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR11693861 - Characterization Of Malicious Code In Mobile Apps: Towards Accurate And Explainable Malware Detection, 2017 (01/06/2018-31/12/2021) - Jacques Klein
Funders :
FNR - Fonds National de la Recherche [LU]
University of Luxembourg - UL
SPARTA
Luxembourg Ministry of Foreign and European Affairs
Available on ORBilu :
since 11 January 2023

Statistics


Number of views
48 (4 by Unilu)
Number of downloads
121 (4 by Unilu)

Scopus citations®
 
3
Scopus citations®
without self-citations
2
WoS citations
 
3

Bibliography


Similar publications



Contact ORBilu