DeepTrust: Robust Multi-Step Classification with Divergent Learned Representation Models for Android Malware Detection
| Author: | |
|---|---|
| Format: | master's thesis |
| Publication date: | 2025 |
| Country: | Spain |
| Resources: | Universitat Politècnica de Catalunya (UPC) |
| Repository: | UPCommons. Portal del coneixement obert de la UPC |
| Language: | English |
| OAI Identifier: | oai:upcommons.upc.edu:2117/441718 |
| Online access: | https://hdl.handle.net/2117/441718 |
| Access Level: | open access |
| Keywords: | Machine learning; Deep learning; Malware (Computer software); Adversarial machine learning; Android malware detection; Malware detection; Representation learning; UPC subject areas::Computer science::Artificial intelligence::Machine learning |
| Abstract: | This research presents DeepTrust, a novel metaheuristic that arranges flexible classifiers, like deep neural networks, into an ordered sequence where the final decision is made by a single internal model based on a step-forward criterion. DeepTrust wins the gold medal and achieves state-of-the-art results in the Robust Android Malware Detection competition hosted by the IEEE SaTML 2025 conference, outperforming the next-best competitor by up to 266% under feature-space evasion attacks. This is accomplished while maintaining the highest detection rate on non-adversarial malware and a false positive rate under 1%. The method's efficacy stems from maximizing the divergence of the learned representations among the internal models. By using classifiers with fundamentally dissimilar data embeddings, the decision space becomes unpredictable for an attacker. This frustrates the iterative perturbation process inherent to evasion attacks, enhancing system robustness without compromising accuracy on clean examples. |