The University of Windsor is preparing for a safe return to campus. Learn More.

Colloquium Presentation by Samaneh Mahdavifar:"Dynamic Android Malware Category Classification using Semi-Supervised Deep Learning"

Friday, November 6, 2020 - 11:00 to 12:30

SCHOOL OF COMPUTER SCIENCE – Colloquium Series 

The School of Computer Science at the University of Windsor is pleased to present… 

Photo of Samaneh Mahdavifar
Samaneh Mahdavifar,Cybersecurity Researcher at the Canadian Institute for Cybersecurity (CIC) and a PhD candidate in Computer Science at the University of New Brunswick (UNB
 
Date: Friday November 6, 2020 
Time: 11:00am-12:30pm 
Passcode: If you are interested in attending this colloquium presentation, send an email request to the Graduate Secretary at csgradinfo@uwindsor.ca.
Reminder: When joining the Zoom session, you must provide your full name and your status (ie. Jane Doe, MSc) in the link provided to the excel spreadsheet
 
 

Abstract 

Due to the significant threat of Android mobile malware, its detection has become increasingly important. Despite the academic and industrial attempts, devising a robust and efficient solution for Android malware detection and category classification is still an open problem. Supervised machine learning has been used to solve this issue. However, it is far to be perfect because it requires a significant amount of malicious and benign code to be identified and labeled beforehand. Since labeled data is expensive and difficult to get while unlabeled data is abundant and cheap in this context, we resort to a semi-supervised learning technique for deep neural networks, namely pseudo-label, which we train using a set of labeled and unlabeled instances. We use dynamic analysis to craft dynamic behavior profiles as feature vectors. Furthermore, we develop a new dataset, namely CICMalDroid2020, which includes 17,341 most recent samples of five different Android apps categories: Adware, Banking, SMS, Riskware, and Benign. Our offered dataset comprises the most complete captured static and dynamic features among publicly available datasets. We evaluate our proposed model on CICMalDroid2020 and conduct a comparison with Label Propagation (LP), a well-known semi-supervised machine learning technique, and other common machine learning algorithms. The experimental results show that the model can classify Android apps with respect to malware category with F 1 -Score of 97.84 percent and a false positive rate of 2.76 percent, considerably higher than LP. These results demonstrate the robustness of our model despite the small number of labeled instances
 

Biography 

Samaneh Mahdavifar received the B.Eng. degree in Computer Engineering-Software from Kharazmi University, Tehran, Iran, in 2008 and the M.Eng. degree in Computer Engineering-Software from Ferdowsi University of Mashhad, Iran, in 2012. She is currently a Cybersecurity Researcher at the Canadian Institute for Cybersecurity (CIC) and a Ph.D. candidate in Computer Science at the University of New Brunswick (UNB), Canada. She has worked as the cybersecurity researcher and developer of several collaborative security projects between Bell, IBM, and CIC. Her research interests include computer network security, deep learning, cybersecurity and privacy, malware detection, and machine learning.  
 
5113 Lambton Tower 401 Sunset Ave. Windsor ON, N9B 3P4 (519) 253-3000 Ext. 3716 csgradinfo@uwindsor.ca