已收录 272983 条政策
 政策提纲
  • 暂无提纲
Adversarial-resilience assurance for mobile security systems
[摘要] As mobile phones become an increasingly critical part of our world, ensuring the security and privacy of mobile applications (in short as apps) becomes increasingly important. For too long, researchers have often tackled security in an attack-driven, ad hoc, and reactionary manner with large manual efforts devoted by security analysts. In the efforts of making security systems automated and systematic, multiple intelligent techniques, such as program analysis and machine learning, have been introduced in the mobile security systems for better security decision making. However, these intelligent techniques are originally proposed for domains such as image recognition, Virtual Personal Assistants, and software testing without considering the presence of adversaries. In this dissertation, we present three main bodies of research on adversarial resiliency of intelligent techniques used in mobile security systems. We first present how intelligent techniques can be adapted for automated decision making in mobile security systems. Then we investigate the possibility to design and implement systematic attack strategies that are specifically adversarial to these newly-proposed intelligent techniques. Last, based on the findings that the intelligent techniques are indeed susceptible to the adversarial attacks, we develop techniques to further strengthen the adversarial resiliency of intelligent techniques toward these adversarial attacks.In particular, we use mobile malware detection as a representative of security systems for our investigation.To show how a malware detection approach can be enhanced by intelligent techniques such as machine learning and static program analysis, we propose AppContext, an approach that identifies malware with 87.7% precision and 95% recall. To show the possibility to attack intelligent techniques such as machine learning, we propose MRV, an approach that automatically constructs more than hundreds of new malware variants compromising state-of-the-art learning-based malware detectors. To strengthen the adversarial resiliency against obfuscation techniques used by malware to confuse static analysis, we propose EnMobile, which detects malware with substantially higher precision and recall than four state-of-the-art approaches, namely Apposcopy, Drebin, MUDFLOW, and AppContext.
[发布日期]  [发布机构] 
[效力级别]  [学科分类] 
[关键词] Mobile Security, Adversarial Machine Learning [时效性] 
   浏览次数:28      统一登录查看全文      激活码登录查看全文