Pierpaolo Ciccarelli

UniCa About Professors and Researchers Pierpaolo Ciccarelli Research Research outcomes (IRIS)

Pierpaolo Ciccarelli

Data drift in Android malware detection

Minnei, Luca;Eddoubi, Hicham;Sotgiu, Angelo;Pintor, Maura;Demontis, Ambra;Biggio, Battista

2025-01-01

Abstract

Android malware detectors are now widely implemented with machine learning algorithms, trained on large datasets of goodware and malware applications gathered at a fixed moment in time. However, as recent work showed, this domain is not stationary, causing detectors to show degrading performance over time. While recent work pinpoints the presence of such drift, little has been done to isolate its causes and understand the underlying reasons. In this work, we show which features cause the data drift, i.e., new features to appear and old ones that become unreliable. Our experimental evaluation highlights that particular feature groups cause the data drift. However, we also show that removing these highly variable features from the feature set is insufficient to achieve good classification performance.

Short Card

Tab complete

Full Sheet(DC)

         Anno 
       
        2025 
       
         Lingua/e 
       
        Inglese 
       
         Titolo del Volume 
       
        2024 International Conference on Machine Learning and Cybernetics (ICMLC) 
       
         Nome Editore 
       
        IEEE Computer Society 
       
         Città Editore 
       
        Los Alamitos - CA 
       
         Nazionalità Editore 
       
        STATI UNITI D'AMERICA 
       
         Titolo della Collana/serie 
       
        PROCEEDINGS OF ... INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND CYBERNETICS 
       
         Da pagina 
       
        157 
       
         A pagina 
       
        163 
       
         Numero di pagine 
       
        7 
       
         Codice DOI 
       
        https://dx.doi.org/10.1109/icmlc63072.2024.10935015 
       
         Codice Scopus 
       
        2-s2.0-105002272193 
       
         Titolo del convegno 
       
        23rd International Conference on Machine Learning and Cybernetics, ICMLC 2024 
       
         Referee 
       
        Esperti anonimi 
       
         Periodo del Convegno 
       
        2024 
       
         Luogo del Convegno 
       
        Miyazaki, Japan 
       
         Caratterizzazione prevalente 
       
        scientifica 
       
         Parole chiave 
       
        Machine Learning; Android; Cybersecurity 
       
         Presenza di coautori internazionali 
       
        no 
       
         Tipologia 
       
        4 Contributo in Atti di Convegno (Proceeding)::4.1 Contributo in Atti di convegno 
       
         Tutti gli autori 
       
        Minnei, Luca; Eddoubi, Hicham; Sotgiu, Angelo; Pintor, Maura; Demontis, Ambra; Biggio, Battista
         
         Tipologia sito docente 
       
        273 
       
         Numero autori 
       
        6 
       
         Tipologia 
       
        4.1 Contributo in Atti di convegno 
       
         Fulltext 
       
        partially_open 
       
         Tipologia 
       
        info:eu-repo/semantics/conferencePaper 
       
         Type: 
       
        4.1 Contributo in Atti di convegno

Files in This Item:

File	Size	Format
Data_Drift_in_Android_Malware_Detection.pdf Solo gestori archivio Type: versione editoriale Size 366.5 kB Format Adobe PDF & nbsp; View / Open Request a copy	366.5 kB	Adobe PDF	& nbsp; View / Open Request a copy
ICMLC-drift-malware.pdf open access Type: versione pre-print Size 306.46 kB Format Adobe PDF View/Open	306.46 kB	Adobe PDF	View/Open

University of Cagliari

University of Cagliari