We explore the use of machine learning, specifically Random Forest classifiers, combined with SHapley Additive exPlanations values, to detect Android malware. We leverage diverse datasets, including the Android Genome Project and Drebin, to distinguish between benign and malicious applications. Emphasizing feature importance through SHAP analysis, we aim to enhance model interpretability and effectiveness in cybersecurity. This approach not only improves threat detection accuracy, but also contributes to the broader field of explainable AI in cybersecurity. The paper is structured to cover theoretical foundations, methodology, results, and future directions in this evolving area of study. Also, based on practical findings, we highlight the importance of the data source and transmission patterns as a way to identify malware.
Cybersecurity Analysis Through Shapley Values for a Network Traffic Dataset of Android Malware
Buratto A.;Badia L.
2024
Abstract
We explore the use of machine learning, specifically Random Forest classifiers, combined with SHapley Additive exPlanations values, to detect Android malware. We leverage diverse datasets, including the Android Genome Project and Drebin, to distinguish between benign and malicious applications. Emphasizing feature importance through SHAP analysis, we aim to enhance model interpretability and effectiveness in cybersecurity. This approach not only improves threat detection accuracy, but also contributes to the broader field of explainable AI in cybersecurity. The paper is structured to cover theoretical foundations, methodology, results, and future directions in this evolving area of study. Also, based on practical findings, we highlight the importance of the data source and transmission patterns as a way to identify malware.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.