Adversarial-resilience assurance for mobile security systems

Yang, Wei

Permalink

https://hdl.handle.net/2142/101204 Copy

Description

Title

Adversarial-resilience assurance for mobile security systems

Author(s)

Yang, Wei

Issue Date

2018-04-20

Director of Research (if dissertation) or Advisor (if thesis)

Xie, Tao

Doctoral Committee Chair(s)

Gunter, Carl

Committee Member(s)

• Marinov, Darko
• Prasad, Mukul

Department of Study

Computer Science

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

Ph.D.

Degree Level

Dissertation

Keyword(s)

Mobile Security, Adversarial Machine Learning

Abstract

As mobile phones become an increasingly critical part of our world, ensuring the security and privacy of mobile applications (in short as apps) becomes increasingly important. For too long, researchers have often tackled security in an attack-driven, ad hoc, and reactionary manner with large manual efforts devoted by security analysts. In the efforts of making security systems automated and systematic, multiple intelligent techniques, such as program analysis and machine learning, have been introduced in the mobile security systems for better security decision making. However, these intelligent techniques are originally proposed for domains such as image recognition, Virtual Personal Assistants, and software testing without considering the presence of adversaries. In this dissertation, we present three main bodies of research on adversarial resiliency of intelligent techniques used in mobile security systems. We first present how intelligent techniques can be adapted for automated decision making in mobile security systems. Then we investigate the possibility to design and implement systematic attack strategies that are specifically adversarial to these newly-proposed intelligent techniques. Last, based on the findings that the intelligent techniques are indeed susceptible to the adversarial attacks, we develop techniques to further strengthen the adversarial resiliency of intelligent techniques toward these adversarial attacks. In particular, we use mobile malware detection as a representative of security systems for our investigation. To show how a malware detection approach can be enhanced by intelligent techniques such as machine learning and static program analysis, we propose AppContext, an approach that identifies malware with 87.7% precision and 95% recall. To show the possibility to attack intelligent techniques such as machine learning, we propose MRV, an approach that automatically constructs more than hundreds of new malware variants compromising state-of-the-art learning-based malware detectors. To strengthen the adversarial resiliency against obfuscation techniques used by malware to confuse static analysis, we propose EnMobile, which detects malware with substantially higher precision and recall than four state-of-the-art approaches, namely Apposcopy, Drebin, MUDFLOW, and AppContext.

Graduation Semester

2018-05

Type of Resource

text

Permalink

http://hdl.handle.net/2142/101204

Copyright and License Information

Copyright 2018 Wei Yang

Owning Collections