Cargando…
DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems
The mobile ecosystem is witnessing an unprecedented increase in the number of malware in the wild. To fight this threat, actors from both research and industry are constantly innovating to bring concrete solutions to improve security and malware protection. Traditional solutions such as signature-ba...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7276263/ http://dx.doi.org/10.1007/978-3-030-50323-9_10 |
| _version_ | 1783542925584498688 |
|---|---|
| author | Bromberg, Yérom-David Gitzinger, Louison |
| author_facet | Bromberg, Yérom-David Gitzinger, Louison |
| author_sort | Bromberg, Yérom-David |
| collection | PubMed |
| description | The mobile ecosystem is witnessing an unprecedented increase in the number of malware in the wild. To fight this threat, actors from both research and industry are constantly innovating to bring concrete solutions to improve security and malware protection. Traditional solutions such as signature-based anti viruses have shown their limits in front of massive proliferation of new malware, which are most often only variants specifically designed to bypass signature-based detection. Accordingly, it paves the way to the emergence of new approaches based on Machine Learning (ML) technics to boost the detection of unknown malware variants. Unfortunately, these solutions are most often underexploited due to the time and resource costs required to adequately fine tune machine learning algorithms. In reality, in the Android community, state-of-the-art studies do not focus on model training, and most often go through an empirical study with a manual process to choose the learning strategy, and/or use default values as parameters to configure ML algorithms. However, in the ML domain, it is well known admitted that to solve efficiently a ML problem, the tunability of hyper-parameters is of the utmost importance. Nevertheless, as soon as the targeted ML problem involves a massive amount of data, there is a strong tension between feasibility of exploring all combinations and accuracy. This tension imposes to automate the search for optimal hyper-parameters applied to ML algorithms, that is not anymore possible to achieve manually. To this end, we propose a generic and scalable solution to automatically both configure and evaluate ML algorithms to efficiently detect Android malware detection systems. Our approach is based on devOps principles and a microservice architecture deployed over a set of nodes to scale and exhaustively test a large number of ML algorithms and hyper-parameters combinations. With our approach, we are able to systematically find the best fit to increase up to 11% the accuracy of two state-of-the-art Android malware detection systems. |
| format | Online Article Text |
| id | pubmed-7276263 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-72762632020-06-08 DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems Bromberg, Yérom-David Gitzinger, Louison Distributed Applications and Interoperable Systems Article The mobile ecosystem is witnessing an unprecedented increase in the number of malware in the wild. To fight this threat, actors from both research and industry are constantly innovating to bring concrete solutions to improve security and malware protection. Traditional solutions such as signature-based anti viruses have shown their limits in front of massive proliferation of new malware, which are most often only variants specifically designed to bypass signature-based detection. Accordingly, it paves the way to the emergence of new approaches based on Machine Learning (ML) technics to boost the detection of unknown malware variants. Unfortunately, these solutions are most often underexploited due to the time and resource costs required to adequately fine tune machine learning algorithms. In reality, in the Android community, state-of-the-art studies do not focus on model training, and most often go through an empirical study with a manual process to choose the learning strategy, and/or use default values as parameters to configure ML algorithms. However, in the ML domain, it is well known admitted that to solve efficiently a ML problem, the tunability of hyper-parameters is of the utmost importance. Nevertheless, as soon as the targeted ML problem involves a massive amount of data, there is a strong tension between feasibility of exploring all combinations and accuracy. This tension imposes to automate the search for optimal hyper-parameters applied to ML algorithms, that is not anymore possible to achieve manually. To this end, we propose a generic and scalable solution to automatically both configure and evaluate ML algorithms to efficiently detect Android malware detection systems. Our approach is based on devOps principles and a microservice architecture deployed over a set of nodes to scale and exhaustively test a large number of ML algorithms and hyper-parameters combinations. With our approach, we are able to systematically find the best fit to increase up to 11% the accuracy of two state-of-the-art Android malware detection systems. 2020-05-15 /pmc/articles/PMC7276263/ http://dx.doi.org/10.1007/978-3-030-50323-9_10 Text en © IFIP International Federation for Information Processing 2020 This article is made available via the PMC Open Access Subset for unrestricted research re-use and secondary analysis in any form or by any means with acknowledgement of the original source. These permissions are granted for the duration of the World Health Organization (WHO) declaration of COVID-19 as a global pandemic. |
| spellingShingle | Article Bromberg, Yérom-David Gitzinger, Louison DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems |
| title | DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems |
| title_full | DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems |
| title_fullStr | DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems |
| title_full_unstemmed | DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems |
| title_short | DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems |
| title_sort | droidautoml: a microservice architecture to automate the evaluation of android machine learning detection systems |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7276263/ http://dx.doi.org/10.1007/978-3-030-50323-9_10 |
| work_keys_str_mv | AT brombergyeromdavid droidautomlamicroservicearchitecturetoautomatetheevaluationofandroidmachinelearningdetectionsystems AT gitzingerlouison droidautomlamicroservicearchitecturetoautomatetheevaluationofandroidmachinelearningdetectionsystems |