Longitudinal Study of Adversarial Robustness in Android Malware Detection
A recent investigation published on arXiv (2605.23623) examines the resilience of Android malware detection against adversarial attacks over a ten-year span, utilizing both static and dynamic features derived from emulator and real-device operations. The dataset is segmented into annual portions and assessed using three deployment strategies: training/testing within the same year, cross-year deployment without updates, and expanding-window retraining. Adversarial samples are created via FGSM and SPSA while adhering to feasibility limitations. The research presents new temporal linkage metrics—RobustDrop, ΔASR, and Adversarial Amplification Factor (AAF)—to measure the impact of distribution shifts on robustness decline. Findings indicate that the temporal gap between training and testing data significantly influences adversarial accuracy and the success rates of attacks.
Key facts
- Study covers more than a decade of Android applications
- Uses static and dynamic feature representations from emulator and real-device executions
- Dataset organized into yearly slices
- Three deployment protocols: same-year training/testing, cross-year deployment without updates, expanding-window retraining
- Adversarial examples generated using FGSM and SPSA under feasibility constraints
- Introduces metrics: RobustDrop, ΔASR, Adversarial Amplification Factor (AAF)
- Measures clean performance, Adversarial Accuracy (AA), Attack Success Rate (ASR)
- Results show temporal separation impacts robustness degradation
Entities
Institutions
- arXiv