Publication Date

Spring 2023

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Mark Stamp

Second Advisor

Thomas Austin

Third Advisor

Genya Ishigaki

Keywords

Android malware, Machine Learning, Malware detection

Abstract

Android malware detection based on machine learning (ML) is widely used by the mobile device security community. Machine learning models offer benefits in terms of detection accuracy and efficiency, but it is often difficult to understand how such models make decisions. As a result, popular malware detection strategies remain black box models, which may result in a lack of accountability and trust in the decisions made. The field of explainable artificial intelligence (XAI) attempts to shed light on such black box models. In this research, we apply XAI techniques to ML-based Android malware detection systems. We train classic ML models (Support Vector Machines, Random Forest, and ��-Nearest Neighbors) and deep learning (DL) models

(Multi-Layer Perceptron and Convolutional Neural Networks) on a challenging Android malware dataset. We then apply state-of-the-art XAI techniques, including Local Interpretable Model-agnostic Explanations (LIME), Shapley Additive exPlanations (SHAP), Eli5, PDP plots, and Class Activation Mapping (CAM). We obtain global and local explanation results and we discuss the utility of XAI techniques in this problem domain. We also provide an extensive literature review of recent XAI work related to deep learning methods for Android malware, and we discuss XAI research trends, challenges, and consider future research directions.

Share

COinS