SaTC: CORE: Small: Collaborative: Data-driven Approaches for Large-scale Security Analysis of Mobile Applications

SaTC：核心：小型：协作：用于移动应用程序大规模安全分析的数据驱动方法

• 批准号: 1717871
• 负责人: Doina Caragea
• 金额: $ 20万
• 依托单位: Kansas State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-15 至 2021-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1717871&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Collaborative; Data

This project investigates how to apply big-data analysis techniques to analyze mobile apps for the Android platform, for the purpose of accurately identifying security problems therein. A major challenge is the scale of the problem, with thousands of new apps entering the online app markets on a daily basis. Current technologies cannot keep up with the pace of the threats, and malware are regularly found in both large-scale marketplaces such as the official Google Play market and in third-party markets. The project adopts a number of advanced machine learning and data mining techniques to tackle those challenges. The large number of apps in the markets allows an automated machine learning algorithm to better capture security-related patterns and trends in the data, so that it can predict with good accuracy which apps may have security problems. Those apps are worth the more in-depth and expensive analysis that usually requires significant human effort. This creates an effective triage to deal with the scale challenge, and can be used by industry to scale the security vetting process of mobile apps. Artifacts produced from the research are released in open source and benefit practitioners. New courses on mobile apps and their security are developed. Undergraduate students are involved in this research. Underrepresented groups, including female students, also participate in the research. The materials developed from the research are used to further enrich cybersecurity education opportunities in the PIs' multiple outreach platforms in their institutions, to enable a large student body to benefit from the project.The project designs solutions to tackle the unique challenges in applying machine learning for mobile app security analysis, most of which are due to the big data nature of the problem. A key scientific challenge faced in mobile app security analysis is the difficulty in obtaining high-quality ground truth. Many times one has to rely upon imperfect data in training and evaluation. The research experiments with a number of approaches to deal with the noise due to the imperfect labels, including semi-supervised learning algorithms, which can learn from small amounts of labeled data, or even from positive data only, together with unlabeled data. The project also explores a novel approach that uses social media information to acquire additional information to improve the ground truth and/or the prediction accuracy.

本项目研究如何应用大数据分析技术对Android平台的移动应用进行分析，以准确识别其中的安全问题。一个主要的挑战是这个问题的规模，每天都有数千个新应用进入在线应用市场。目前的技术跟不上威胁的步伐，恶意软件经常出现在大型市场，如Google Play官方市场和第三方市场。该项目采用了许多先进的机器学习和数据挖掘技术来应对这些挑战。市场上大量的应用程序允许自动机器学习算法更好地捕获数据中与安全相关的模式和趋势，从而能够很准确地预测哪些应用程序可能存在安全问题。这些应用程序值得进行更深入、更昂贵的分析，这通常需要大量的人力努力。这创造了一个有效的分流来应对规模挑战，并可以被行业用来扩展移动应用的安全审查流程。这项研究产生的产物以开放源码的形式发布，使从业者受益。开发了关于移动应用及其安全的新课程。本科生参与了这项研究。包括女学生在内的代表性不足的群体也参与了这项研究。研究开发的材料被用来进一步丰富PIS在其机构的多个外联平台中的网络安全教育机会，使大量学生能够从该项目中受益。该项目设计了解决方案，以应对将机器学习应用于移动应用程序安全分析的独特挑战，其中大部分挑战是由于问题的大数据性质。移动应用安全分析面临的一个关键科学挑战是难以获得高质量的地面事实。很多时候，人们不得不依靠不完善的数据来进行培训和评估。本研究尝试了许多方法来处理由不完美标签引起的噪声，包括半监督学习算法，它可以从少量的已标签数据学习，甚至只从正数据和未标签数据一起学习。该项目还探索了一种新的方法，使用社交媒体信息来获取额外信息，以提高基本事实和/或预测的准确性。

项目成果

Leveraging attention-based deep neural networks for security vetting of Android applications

利用基于注意力的深度神经网络对 Android 应用程序进行安全审查

• DOI: 10.4108/eai.27-9-2021.171168
• 发表时间: 2021
• 期刊: ICST Transactions on Security and Safety
• 作者: Pathak, Prabesh;Poudel, Prabesh;Roy, Sankardas;Caragea, Doina
• 通讯作者: Caragea, Doina

Experimental Study of Machine Learning based Malware Detection Systems’ Practical Utility

基于机器学习的恶意软件检测系统的实验研究——实用性

• 发表时间: 2020
• 期刊: HICSS SYMPOSIUM ON CYBERSECURITY BIG DATA ANALYTICS
• 作者: Li, Yuping;Caragea, Doina;Hall, Lawrence;Ou, Xinming
• 通讯作者: Ou, Xinming

Hybrid Analysis of Android Apps for Security Vetting using Deep Learning

• DOI: 10.1109/cns48642.2020.9162341
• 发表时间: 2020-06
• 期刊: 2020 IEEE Conference on Communications and Network Security (CNS)
• 作者: Dewan Chaulagain;Prabesh Poudel;Prabesh Pathak;Sankardas Roy;Doina Caragea;G. Liu;Xinming Ou

Identifying Android Malware Using Network-Based Approaches

• DOI: 10.1145/3341161.3343534
• 发表时间: 2019-07
• 期刊: 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM)
• 作者: Emily Alfs;Doina Caragea;Nathan Albin;P. Poggi-Corradini