ICSE 2020
Wed 24 June - Thu 16 July 2020
Thu 9 Jul 2020 00:24 - 00:36 at Baekje - P13-Security Chair(s): Joshua Garcia

To battle the ever-increasing Android malware, malware family classification, which classifies malware with common features into a malware family, has been proposed as an effective malware analysis method. Several machine-learning-based approaches have been proposed for the task of malware family classification. Our study shows that malware families suffer from severe data imbalance, with many families containing only a small number of malware applications (referred to as few shot malware families in this work). Unfortunately, this issue has been overlooked in existing approaches. Although existing approaches achieve high classification performance at the overall level and for large malware families, our experiments show that they suffer from poor performance and generalizability for few shot malware families, and that the traditional downsampling method cannot solve the problem. To address the challenge of few shot malware family classification, we propose a novel siamese-network-based learning method, which allows us to train an effective MultiLayer Perceptron (MLP) network for embedding malware applications into a real-valued, continuous vector space by contrasting malware applications from the same or different families. In the embedding space, the performance of malware family classification can be significantly improved for all scales of malware families, especially for few shot malware families, which also leads to a significant performance improvement at the overall level.

Thu 9 Jul

Displayed time zone: (UTC) Coordinated Universal Time

00:00 - 01:00
P13-Security: Technical Papers / Software Engineering in Practice at Baekje
Chair(s): Joshua Garcia University of California, Irvine
00:00
12m
Talk
Burn After Reading: A Shadow Stack with Microsecond-level Runtime Rerandomization for Protecting Return Addresses (Technical, Artifact Available)
Technical Papers
Changwei Zou UNSW Sydney, Jingling Xue UNSW Sydney
00:12
12m
Talk
Automated Identification of Libraries from Vulnerability Data (SEIP)
Software Engineering in Practice
Chen Yang Veracode, Inc., Andrew Santosa Veracode, Inc., Asankhaya Sharma Veracode, Inc., David Lo Singapore Management University
00:24
12m
Talk
Unsuccessful Story about Few Shot Malware-Family Classification and Siamese Network to the Rescue (Technical)
Technical Papers
Yude Bai Tianjin University, Zhenchang Xing Australian National University, Xiaohong Li Tianjin University, Zhiyong Feng Tianjin University, Duoyuan Ma Tianjin University
00:36
12m
Talk
SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection (Technical)
Technical Papers
Shengjian Guo Baidu X-Lab, Yueqi Chen The Pennsylvania State University, Peng Li Baidu X-Lab, Yueqiang Cheng Baidu Security, Huibo Wang Baidu X-Lab, Meng Wu Ant Financial, Zhiqiang Zuo Nanjing University, China
00:48
12m
Talk
Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development (SEIP)
Software Engineering in Practice
Pei Wang Baidu X-Lab, Yu Ding Baidu X-Lab, Mingshen Sun Baidu X-Lab, Huibo Wang Baidu X-Lab, Tongxin Li Baidu X-Lab, Rundong Zhou Baidu X-Lab, Zhaofeng Chen, Yiming Jing Baidu X-Lab