Towards a DeepMalOb improvement in the use of formal security risk analysis methods

Sawadogo, Zakaria, Mendy, Gervais, Khan, Muhammad Taimoor (ORCID: https://orcid.org/0000-0002-5752-6420), Ouya, Samuel and Dembelle, Jean Marie (2023) Towards a DeepMalOb improvement in the use of formal security risk analysis methods. In: 2023 IEEE 6th International Conference on Cloud Computing and Artificial Intelligence: Technologies and Applications (CloudTech), 21st - 23rd November 2023, Marrakesh, Morocco. IEEE Xplore. Institute of Electrical and Electronics Engineers (IEEE), Piscataway, New Jersey, pp. 118-122. ISBN 979-8350303070; 979-8350303063 (doi:10.1109/CloudTech58737.2023.10366167)

PDF (Author's Accepted Manuscript)
49342 KHAN_Towards_A_DeepMalOb_Improvement_In_The_Use_Of_Formal_Security_Risk_Analysis_Methods_(AAM)_2023.pdf - Accepted Version

Abstract

Researchers are concerned about the detection of obfuscated Android malware, and multiple studies have been proposed to address certain obfuscation techniques. However, the comprehensive consideration of all obfuscation techniques remains a critical cybersecurity challenge due to their mutations. To tackle this issue, we developed the DeepMalOb approach, which utilizes memory dumping and deep learning with MLP to detect obfuscated malicious applications. Although the approach has yielded satisfactory results, we acknowledge potential security risks associated with MLPs, such as adversarial attacks, model inversion attacks, overfitting, and model biases, which may impact the accuracy and robustness of the MLP model and render it vulnerable to obfuscated malware. To improve the DeepMalOb approach, we propose the use of formal security risk analysis methods with MLP to detect hidden malware in Android by analyzing the security risks associated with the MLP model and the input features used for training.

Item Type: Conference Proceedings
Title of Proceedings: 2023 IEEE 6th International Conference on Cloud Computing and Artificial Intelligence: Technologies and Applications (CloudTech), 21st - 23rd November 2023, Marrakesh, Morocco
Uncontrolled Keywords: Android malware detection, obfuscation techniques, Deep learning, cyber-security, memory dump, formal method
Subjects: Q Science > Q Science (General)
Q Science > QA Mathematics
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 13 Jan 2025 15:45
URI: http://gala.gre.ac.uk/id/eprint/49342
