Securing ML-based Android Malware Detectors: A Defensive Feature Selection Approach against Backdoor Attacks

This work investigates the vulnerability of ML-based Android malware detectors to backdoor attacks, and proposes a novel feature selection method to reduce system vulnerability. We present a realistic attack scenario and enhance the state-of-the-art genetic algorithm for trigger generation. The algorithm is used to design a feature selection method that prioritises attributes less prone to exploitation by attackers. The solution was evaluated using a dataset from the Koodous platform. The results show that the proposed improvements to the trigger selection algorithm were effective, resulting in a 10 percentage point increase. Furthermore, the proposed feature selection method significantly reduced the vulnerability of the ML system by 30%, without affecting the quality of the malicious application detection task execution.