DroidGen: Constraint-based and Data-Driven Policy Generation for Android
Mohamed Nassim Seghir, David Aspinall

TL;DR
DroidGen is a tool that automatically generates Android security policies using a data-driven approach and constraint solving, effectively filtering out most malware while maintaining benign app access.
Contribution
It introduces a novel constraint-based method for automatic policy inference that is more interpretable than traditional black-box classifiers.
Findings
Filters out 91% of tested Android malware
Generates readable, declarative security policies
Preliminary results show promising effectiveness
Abstract
We present DroidGen, a tool for automatic anti-malware policy inference. DroidGen employs a data-driven approach: it uses a training set of malware and benign applications and makes calls to a constraint solver to generate a policy under which a maximum of malware is excluded and a maximum of benign applications is allowed. Preliminary results are encouraging. We are able to automatically generate a policy which filters out 91% of the tested Android malware. Moreover, compared to black-box machine learning classifiers, our method has the advantage of generating policies in a declarative readable format. We illustrate our approach, describe its implementation and report on the preliminary results.
Taxonomy
Topics: Advanced Malware Detection Techniques · Software Testing and Debugging Techniques · Security and Verification in Computing
