Back to Search
Start Over
DroidAutoML: A Microservice Architecture to Automate the Evaluation of Android Machine Learning Detection Systems
- Source :
- Distributed Applications and Interoperable Systems, Lecture Notes in Computer Science, DAIS-20th IFIP International Conference on Distributed Applications and Interoperable Systems, DAIS-20th IFIP International Conference on Distributed Applications and Interoperable Systems, Jun 2020, Valletta, Malta. pp.148-165, ⟨10.1007/978-3-030-50323-9_10⟩, 20th IFIP International Conference on Distributed Applications and Interoperable Systems (DAIS), 20th IFIP International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2020, Valletta, Malta. pp.148-165, ⟨10.1007/978-3-030-50323-9_10⟩, DAIS 2020-20th International Conference on Distributed Applications and Interoperable Systems, DAIS 2020-20th International Conference on Distributed Applications and Interoperable Systems, Jun 2020, Malta, Malta. pp.148-165, ⟨10.1007/978-3-030-50323-9_10⟩, Distributed Applications and Interoperable Systems ISBN: 9783030503222, DAIS
- Publication Year :
- 2020
-
Abstract
- Part 4: Machine Learning for Systems; International audience; The mobile ecosystem is witnessing an unprecedented increase in the number of malware in the wild. To fight this threat, actors from both research and industry are constantly innovating to bring concrete solutions to improve security and malware protection. Traditional solutions such as signature-based anti viruses have shown their limits in front of massive proliferation of new malware, which are most often only variants specifically designed to bypass signature-based detection. Accordingly, it paves the way to the emergence of new approaches based on Machine Learning (ML) technics to boost the detection of unknown malware variants. Unfortunately, these solutions are most often underexploited due to the time and resource costs required to adequately fine tune machine learning algorithms. In reality, in the Android community, state-of-the-art studies do not focus on model training, and most often go through an empirical study with a manual process to choose the learning strategy, and/or use default values as parameters to configure ML algorithms. However, in the ML domain, it is well known admitted that to solve efficiently a ML problem, the tunability of hyper-parameters is of the utmost importance. Nevertheless, as soon as the targeted ML problem involves a massive amount of data, there is a strong tension between feasibility of exploring all combinations and accuracy. This tension imposes to automate the search for optimal hyper-parameters applied to ML algorithms, that is not anymore possible to achieve manually. To this end, we propose a generic and scalable solution to automatically both configure and evaluate ML algorithms to efficiently detect Android malware detection systems. Our approach is based on devOps principles and a microservice architecture deployed over a set of nodes to scale and exhaustively test a large number of ML algorithms and hyper-parameters combinations. With our approach, we are able to systematically find the best fit to increase up to 11% the accuracy of two state-of-the-art Android malware detection systems.
- Subjects :
- 050101 languages & linguistics
Computer science
02 engineering and technology
computer.software_genre
Machine learning
Malware
Article
[INFO.INFO-AI]Computer Science [cs]/Artificial Intelligence [cs.AI]
[INFO.INFO-MC]Computer Science [cs]/Mobile Computing
[INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI]
Empirical research
Android
Android malware
0202 electrical engineering, electronic engineering, information engineering
0501 psychology and cognitive sciences
[INFO]Computer Science [cs]
DevOps
Architecture
Android (operating system)
AutoML
business.industry
05 social sciences
Scalability
020201 artificial intelligence & image processing
Mobile ecosystem
Artificial intelligence
business
computer
Subjects
Details
- Language :
- English
- ISBN :
- 978-3-030-50322-2
- ISBNs :
- 9783030503222
- Volume :
- 12135
- Database :
- OpenAIRE
- Journal :
- Distributed Applications and Interoperable Systems
- Accession number :
- edsair.doi.dedup.....fda04b89a3c6df73d96c9795f9192927