Adversarial-Resilience Assurance for Mobile Security Systems. Yang, W. Ph.D. Thesis, 2018.
Adversarial-Resilience Assurance for Mobile Security Systems [pdf]Paper  Adversarial-Resilience Assurance for Mobile Security Systems [pdf]Website  abstract   bibtex   
As mobile phones become an increasingly critical part of our world, ensuring the security and privacy of mobile applications (in short as apps) becomes increasingly important. For too long, researchers have often tackled security in an attack-driven, ad hoc, and reactionary manner with large manual efforts devoted by security analysts. In the efforts of making security systems automated and systematic, multiple intelligent techniques, such as program analysis and machine learning, have been introduced in the mobile security systems for better security decision making. However, these intelligent techniques are originally proposed for domains such as image recognition, Virtual Personal Assistants, and software testing without considering the presence of adversaries. In this dissertation, we present three main bodies of research on adversarial resiliency of intelligent techniques used in mobile security systems. We first present how intelligent techniques can be adapted for automated decision making in mobile security systems. Then we investigate the possibility to design and implement systematic attack strategies that are specifically adversarial to these newly-proposed intelligent techniques. Last, based on the findings that the intelligent techniques are indeed susceptible to the adversarial attacks, we develop techniques to further strengthen the adversarial resiliency of intelligent techniques toward these adversarial attacks. In particular, we use mobile malware detection as a representative of security systems for our investigation. To show how a malware detection approach can be enhanced by intelligent techniques such as machine learning and static program analysis, we propose AppContext, an approach that identifies malware with 87.7% precision and 95% recall. To show the possibility to attack intelligent techniques such as machine learning, we propose MRV, an approach that automatically constructs more than hundreds of new malware variants compromising state-of-the-art learning-based malware detectors. To strengthen the adversarial resiliency against obfuscation techniques used by malware to confuse static analysis, we propose EnMobile, which detects malware with substantially higher precision and recall than four state-of-the-art approaches, namely Apposcopy, Drebin, MUDFLOW, and AppContext.

Downloads: 0