Abstract
Mobile malware detection remains a significant challenge in the rapidly evolving cyber threat landscape. Although the research about the application of machine learning methods to this problem has provided promising results, still, maintaining continued success at detecting malware in operational environments depends on holistically solving challenges regarding the feature variations of malware apps that occur over time and the high costs associated with data labeling. The present study explores the adaptation of the active learning approach for inducing detection models in a non-stationary setting and shows that this approach provides high detection performance with a minimal set of labeled data for a long time when the uncertainty-based sampling strategy is applied. The models that are induced using dynamic, static and hybrid features of mobile malware are compared against baseline approaches. Although active learning has been adapted to many problem domains, it has not been explored in mobile malware detection extensively, especially for non-stationary settings.
| Original language | English |
|---|---|
| Title of host publication | Digital Forensics and Cyber Crime. ICDF2C 2022. |
| Subtitle of host publication | Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering |
| Editors | Sanjay Goel, Pavel Gladyshev, Akatyev Nikolay, George Markowsky, Daryl Johnson |
| Publisher | Springer Science and Business Media Deutschland GmbH |
| Pages | 256–273 |
| Volume | 508 |
| ISBN (Electronic) | 9783031365744 |
| ISBN (Print) | 9783031365737 |
| DOIs | |
| Publication status | Published - 2023 |
| Externally published | Yes |