Explainable Malware Detection based on Machine Learning Algorithms

Jack Boyer


Supervised by Tingting Li; Moderated by Amir Javed

Many cybersecurity challenges can now be addressed with the power of AI, from automatic identification of malware to intelligent defence systems that combat ever-changing cyberattacks. However, many cybersecurity companies find it difficult to trust AI solutions and are reluctant to leave protection in the hands of a mysterious black box. This project therefore aims to develop AI-enhanced cybersecurity solutions that are accountable and transparent. In particular, it will build a framework that provides explanations for malware classification, i.e. identifies which features are most salient in assigning a malware sample to a specific class, and ultimately explains why certain detection methods misclassify particular samples.

[1] Daniel Arp, Michael Spreitzenbarth, Malte Huebner, Hugo Gascon, and Konrad Rieck, "Drebin: Efficient and Explainable Detection of Android Malware in Your Pocket", 21st Annual Network and Distributed System Security Symposium (NDSS), February 2014

[2] LIME: Explaining the predictions of any machine learning classifier, https://github.com/marcotcr/lime
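To illustrate the local, feature-attribution style of explanation the project targets, the sketch below fits a weighted linear surrogate around a single prediction of a toy detector, in the spirit of LIME [2]. Everything here is a hypothetical stand-in: the DREBIN-style binary feature names, the `black_box` detector and its weights, and the kernel width are illustrative assumptions, not part of the project itself.

```python
import numpy as np

# Hypothetical DREBIN-style binary features (permissions / API calls in an app).
FEATURES = ["SEND_SMS", "READ_CONTACTS", "INTERNET", "GET_ACCOUNTS", "CAMERA"]

def black_box(X):
    """Stand-in 'black box' detector: scores apps that combine SMS and
    contacts access highly. Returns P(malware) for each row of X."""
    score = 0.45 * X[:, 0] + 0.45 * X[:, 1] + 0.05 * X[:, 2]
    return np.clip(score, 0.0, 1.0)

def lime_explain(x, predict, n_samples=1000, seed=0):
    """LIME-style local explanation: perturb x by randomly switching
    features off, weight each perturbation by its proximity to x, fit a
    weighted linear surrogate, and return its coefficients as saliences."""
    rng = np.random.default_rng(seed)
    mask = rng.integers(0, 2, size=(n_samples, x.size))  # features to keep
    Z = x * mask                                         # perturbed samples
    y = predict(Z)                                       # black-box outputs
    dist = (x != Z).sum(axis=1) / x.size                 # fraction flipped
    w = np.exp(-(dist ** 2) / 0.25)                      # proximity kernel
    A = np.hstack([Z, np.ones((n_samples, 1))])          # intercept column
    sw = np.sqrt(w)[:, None]                             # weighted least squares
    coef, *_ = np.linalg.lstsq(A * sw, y * sw.ravel(), rcond=None)
    return coef[:-1]                                     # drop the intercept

# Explain one sample app that requests SMS, contacts and internet access.
x = np.array([1, 1, 1, 0, 0])
weights = lime_explain(x, black_box)
for name, wgt in sorted(zip(FEATURES, weights), key=lambda t: -abs(t[1])):
    print(f"{name:15s} {wgt:+.3f}")
```

Because the toy detector is itself linear, the surrogate recovers its weights almost exactly; against a real classifier the coefficients only approximate the model's local behaviour around the sample, which is precisely the kind of per-sample evidence needed to diagnose misclassifications.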

Initial Plan (06/02/2023) [Zip Archive]

Final Report (19/05/2023) [Zip Archive]

Publication Form