Date of Award
Spring 2-2025
Document Type
Dissertation
Degree Name
Doctor of Philosophy in Cyber Operations (PhDCO)
First Advisor
Tyler Flaagan
Second Advisor
Austin O'Brien
Third Advisor
Kyle Cronin
Fourth Advisor
Hannah Altmann
Abstract
As mobile devices continue to become more integrated into daily life, they have become a greater focus area for malicious actors. The Android operating system represents a very enticing target, as Android products remain dominant not just in the smartphone market but also among a broad range of smart devices. Because of this, there has been a consistent rise in both the number and sophistication of Android-based malware attacks. Anti-virus solutions have, at times, struggled to keep up, as mobile devices are designed with convenience in mind and security solutions tend to be hidden in the background. The lack of user interaction with security solutions limits their full potential. Fortunately, one relatively new innovation is the advent of malware classification AI models, which greatly improve the autonomous capabilities of an anti-virus solution.
Instead of relying on more outdated methods such as signature hashes, which are trivial to circumvent, machine learning can often replicate a more holistic, even human-like, approach to malware analysis. However, underneath the surface, these malware classification models are still dependent on basic logic such as matching opcodes or looking for specific API calls. Because of this, certain classification models are still susceptible to being deceived by even just a few small modifications to the original file. This approach can be made even easier by utilizing generative adversarial networks, or GANs, to automatically identify the changes that need to be made and output files that are resistant to malware classification.
Just as security researchers have utilized machine learning to defend against Android malware, malicious actors also have the opportunity to leverage the same technologies to defeat them. This represents a potentially dangerous future where malware authors can quickly deploy stealthy viruses that can bypass not only older antivirus solutions, but some of the most modern ones as well. This paper will outline the context surrounding AI-generated malware, propose a potential methodology for creating an Android-specific solution in this field, lay out the work that will be necessary to achieve this endeavor, and finally form a timeline in which this work will be completed.
Recommended Citation
Harada, Kenji, "Automating Mobile Malware Evasion: An Opcode N-Gram Based Approach to Generate Machine Learning Powered Adversarial Examples" (2025). Masters Theses & Doctoral Dissertations. 485.
https://scholar.dsu.edu/theses/485