{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:39:44Z","timestamp":1772041184230,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":50,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,26]],"date-time":"2023-11-26T00:00:00Z","timestamp":1700956800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"King's China Scholarship Council","award":["Ph.D. Scholarship programme (K-CSC)"],"award-info":[{"award-number":["Ph.D. Scholarship programme (K-CSC)"]}]},{"DOI":"10.13039\/100006785","name":"Google","doi-asserted-by":"publisher","award":["ASPIRE research award"],"award-info":[{"award-number":["ASPIRE research award"]}],"id":[{"id":"10.13039\/100006785","id-type":"DOI","asserted-by":"publisher"}]},{"name":"EPSRC Grant","award":["EP\/X015971\/1"],"award-info":[{"award-number":["EP\/X015971\/1"]}]},{"name":"Ministry of Education and Research (BMBF)","award":["BIFOLD23B"],"award-info":[{"award-number":["BIFOLD23B"]}]},{"name":"Deutsche Forschungsgemeinschaft (DFG, German Research Foundation)","award":["456292433;~456292463"],"award-info":[{"award-number":["456292433;~456292463"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,30]]},"DOI":"10.1145\/3605764.3623918","type":"proceedings-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T12:12:17Z","timestamp":1700568737000},"page":"197-207","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Drift Forensics of Malware Classifiers"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-2125-8828","authenticated-orcid":false,"given":"Theo","family":"Chow","sequence":"first","affiliation":[{"name":"King's College London, London, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-4740-1134","authenticated-orcid":false,"given":"Zeliang","family":"Kan","sequence":"additional","affiliation":[{"name":"King's College London & University College London, London, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5533-5524","authenticated-orcid":false,"given":"Lorenz","family":"Linhardt","sequence":"additional","affiliation":[{"name":"TU Berlin & BIFOLD, Berlin, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3878-2680","authenticated-orcid":false,"given":"Lorenzo","family":"Cavallaro","sequence":"additional","affiliation":[{"name":"University College London, London, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3628-794X","authenticated-orcid":false,"given":"Daniel","family":"Arp","sequence":"additional","affiliation":[{"name":"TU Berlin, Berlin, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1254-1758","authenticated-orcid":false,"given":"Fabio","family":"Pierazzi","sequence":"additional","affiliation":[{"name":"King's College London, London, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2023,11,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. Adware Dowgin. https:\/\/vms.drweb.com\/virus\/?i=21714828. Accessed: 2023-07-06."},{"key":"e_1_3_2_1_2_1","unstructured":"[n. d.]. Adware Kuguo. https:\/\/vms.drweb.com\/virus\/?i=17938587. Accessed: 2023-07-06."},{"key":"e_1_3_2_1_3_1","unstructured":"[n. d.]. Message Digest class. https:\/\/developer.android.com\/reference\/java\/ security\/MessageDigest. Accessed: 2023-07-06."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-15618-7_5"},{"key":"e_1_3_2_1_5_1","volume-title":"Applying machine learning classifiers to dynamic android malware detection at scale. In 2013 9th international wireless communications and mobile computing conference (IWCMC)","author":"Amos Brandon","unstructured":"Brandon Amos, Hamilton Turner, and Jules White. 2013. Applying machine learning classifiers to dynamic android malware detection at scale. In 2013 9th international wireless communications and mobile computing conference (IWCMC). IEEE, 1666--1671."},{"key":"e_1_3_2_1_6_1","volume-title":"International Conference on Learning Representations.","author":"Ancona Marco","unstructured":"Marco Ancona, Enea Ceolini, Cengiz \u00d6ztireli, and Markus H. Gross. 2017. Towards better understanding of gradient-based attribution methods for Deep Neural Networks. In International Conference on Learning Representations."},{"key":"e_1_3_2_1_7_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Arp Daniel","year":"2022","unstructured":"Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, and Konrad Rieck. 2022. Dos and Don'ts of Machine Learning in Computer Security. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 3971--3988. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/arp"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23247"},{"key":"e_1_3_2_1_9_1","volume-title":"When Malware Changed Its Mind: An Empirical Study of Variable Program Behaviors in the Real World. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Avllazagaj Erin","year":"2021","unstructured":"Erin Avllazagaj, Ziyun Zhu, Leyla Bilge, Davide Balzarotti, and Tudor Dumitras. 2021. When Malware Changed Its Mind: An Empirical Study of Variable Program Behaviors in the Real World. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 3487--3504. https:\/\/www.usenix.org\/conference\/ usenixsecurity21\/presentation\/avllazagaj"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0130140"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833659"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/130385.130401"},{"key":"e_1_3_2_1_13_1","unstructured":"Yizheng Chen Zhoujie Ding and David Wagner. 2023. Continuous Learning for Android Malware Detection. arXiv:2302.04332 [cs.CR]"},{"key":"e_1_3_2_1_14_1","volume-title":"Is It Overkill? Analyzing Feature-Space Concept Drift in Malware Detectors (2023 ed.)","author":"Chen Zhi","unstructured":"Zhi Chen, Zhenning Zhang, Zeliang Kan, Jacopo Cortellazzi, Feargus Pendlebury, Fabio Pierazzi, Lorenzo Cavallaro, and Gang Wang. 2023. Is It Overkill? Analyzing Feature-Space Concept Drift in Malware Detectors (2023 ed.). IEEE."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511801389"},{"key":"e_1_3_2_1_16_1","unstructured":"Stefan Decker. [n. d.]. G DATA Mobile Malware Report: Criminals keep up the pace with Android malware. https:\/\/www.gdatasoftware.com\/news\/2021\/ 10\/37093-g-data-mobile-malware-report-criminals-keep-up-the-pace-withandroid-malware. Accessed: 2023-06--19."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2017.10.003"},{"key":"e_1_3_2_1_18_1","unstructured":"Dan Goodin. [n. d.]. Potentially millions of Android TVs and phones come with malware preinstalled. https:\/\/arstechnica.com\/informationtechnology\/2023\/05\/potentially-millions-of-android-tvs-and-phones-comewith-malware-preinstalled\/. Accessed: 2023-06--239."},{"key":"e_1_3_2_1_19_1","unstructured":"Arash Habibi Lashkari Gurdip Kaur. [n. d.]. Understanding Android malware Families: Riskware - is it worth it? https:\/\/www.itworldcanada.com\/blog\/ understanding-android-malware-families-riskware-is-it-worth-it-article4\/446692. Accessed: 2023-06--20."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1172\/JCI200113992"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13748-011-0008-0"},{"key":"e_1_3_2_1_22_1","volume-title":"Evaluations and methods for explanation through robustness analysis. arXiv preprint arXiv:2006.00442","author":"Hsieh Cheng-Yu","year":"2020","unstructured":"Cheng-Yu Hsieh, Chih-Kuan Yeh, Xuanqing Liu, Pradeep Ravikumar, Seungyeon Kim, Sanjiv Kumar, and Cho-Jui Hsieh. 2020. Evaluations and methods for explanation through robustness analysis. arXiv preprint arXiv:2006.00442 (2020)."},{"key":"e_1_3_2_1_23_1","volume-title":"Transcend: Detecting concept drift in malware classification models. In 26th USENIX security symposium (USENIX security 17). 625--642.","author":"Jordaney Roberto","year":"2017","unstructured":"Roberto Jordaney, Kumar Sharad, Santanu K Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro. 2017. Transcend: Detecting concept drift in malware classification models. In 26th USENIX security symposium (USENIX security 17). 625--642."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCWC54503.2022.9720753"},{"key":"e_1_3_2_1_25_1","volume-title":"Investigating Labelless Drift Adaptation for Malware Detection. In ACM Workshop on Artificial Intelligence and Security (AISec).","author":"Kan Zeliang","year":"2021","unstructured":"Zeliang Kan, Feargus Pendlebury, Fabio Pierazzi, and Lorenzo Cavallaro. 2021. Investigating Labelless Drift Adaptation for Malware Detection. In ACM Workshop on Artificial Intelligence and Security (AISec)."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485832.3485916"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3236386.3241340"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--642-04342-0_2"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-019-00346-7"},{"key":"e_1_3_2_1_30_1","unstructured":"Michael Mimoso. [n. d.]. Gunpoder Android Malware Hides Malicious Behaviors in Adware. https:\/\/threatpost.com\/gunpoder-android-malware-hides-maliciousbehaviors-in-adware\/113654\/. Accessed: 2023-06--19."},{"key":"e_1_3_2_1_31_1","volume-title":"Layer-wise relevance propagation: an overview. Explainable AI: interpreting, explaining and visualizing deep learning","author":"Montavon Gr\u00e9goire","year":"2019","unstructured":"Gr\u00e9goire Montavon, Alexander Binder, Sebastian Lapuschkin, Wojciech Samek, and Klaus-Robert M\u00fcller. 2019. Layer-wise relevance propagation: an overview. Explainable AI: interpreting, explaining and visualizing deep learning (2019), 193-- 209."},{"key":"e_1_3_2_1_32_1","volume-title":"A unifying view on dataset shift in classification. Pattern recognition 45, 1","author":"Moreno-Torres Jose G","year":"2012","unstructured":"Jose G Moreno-Torres, Troy Raeder, Roc\u00edo Alaiz-Rodr\u00edguez, Nitesh V Chawla, and Francisco Herrera. 2012. A unifying view on dataset shift in classification. Pattern recognition 45, 1 (2012), 521--530."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/TETCI.2017.2699220"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-014-1511-6"},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the 28th USENIX Security Symposium. USENIX Association, 729--746","author":"Pendlebury Feargus","year":"2019","unstructured":"Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, Lorenzo Cavallaro, et al. 2019. TESSERACT: Eliminating experimental bias in malware classification across space and time. In Proceedings of the 28th USENIX Security Symposium. USENIX Association, 729--746."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-28954-6"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427261"},{"key":"e_1_3_2_1_38_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Shan Shawn","year":"2022","unstructured":"Shawn Shan, Arjun Nitin Bhagoji, Haitao Zheng, and Ben Y Zhao. 2022. Poison forensics: Traceback of data poisoning attacks in neural networks. In 31st USENIX Security Symposium (USENIX Security 22). 3575--3592."},{"key":"e_1_3_2_1_39_1","volume-title":"Proceedings of the 34th International Conference on Machine Learning -","volume":"70","author":"Shrikumar Avanti","year":"2017","unstructured":"Avanti Shrikumar, Peyton Greenside, and Anshul Kundaje. 2017. Learning Important Features through Propagating Activation Differences. In Proceedings of the 34th International Conference on Machine Learning - Volume 70 (Sydney, NSW, Australia) (ICML'17). JMLR.org, 3145--3153."},{"key":"e_1_3_2_1_40_1","volume-title":"International conference on machine learning. PMLR, 3319-- 3328","author":"Sundararajan Mukund","year":"2017","unstructured":"Mukund Sundararajan, Ankur Taly, and Qiqi Yan. 2017. Axiomatic attribution for deep networks. In International conference on machine learning. PMLR, 3319-- 3328."},{"key":"e_1_3_2_1_41_1","unstructured":"Roman Unuchek. [n. d.]. Mobile malware evolution. https:\/\/securelist.com\/ mobile-malware-evolution-2016\/77681\/. Accessed: 2022-05--22."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3028370"},{"key":"e_1_3_2_1_43_1","volume-title":"Evaluating explanation methods for deep learning in security. In 2020 IEEE european symposium on security and privacy (EuroS&P)","author":"Warnecke Alexander","unstructured":"Alexander Warnecke, Daniel Arp, Christian Wressnegger, and Konrad Rieck. 2020. Evaluating explanation methods for deep learning in security. In 2020 IEEE european symposium on security and privacy (EuroS&P). IEEE, 158--174."},{"key":"e_1_3_2_1_44_1","volume-title":"DIMVA 2017, Bonn, Germany, July 6--7, 2017, Proceedings 14","author":"Wei Fengguo","year":"2017","unstructured":"Fengguo Wei, Yuping Li, Sankardas Roy, Xinming Ou, and Wu Zhou. 2017. Deep ground truth analysis of current android malware. In Detection of Intrusions and Malware, and Vulnerability Assessment: 14th International Conference, DIMVA 2017, Bonn, Germany, July 6--7, 2017, Proceedings 14. Springer, 252--276."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2019.00014"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW53761.2021.00020"},{"key":"e_1_3_2_1_47_1","volume-title":"Proc. of the USENIX Security Symposium. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/yanglimin","author":"Yang Limin","year":"2021","unstructured":"Limin Yang, Wenbo Guo, Qingying Hao, Arridhana Ciptadi, Ali Ahmadzadeh, Xinyu Xing, and Gang Wang. 2021. {CADE}: Detecting and Explaining Concept Drift Samples for Security Applications. In Proc. of the USENIX Security Symposium. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/yanglimin"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/VAST50239.2020.00007"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/TETCI.2021.3100641"},{"key":"e_1_3_2_1_50_1","volume-title":"Temporal Analysis of Distribution Shifts in Malware Classification for Digital Forensics. In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE Computer Society, 439--450","author":"Zola Francesco","year":"2023","unstructured":"Francesco Zola, Jan Lukas Bruse, and Mikel Galar. 2023. Temporal Analysis of Distribution Shifts in Malware Classification for Digital Forensics. In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE Computer Society, 439--450."}],"event":{"name":"CCS '23: ACM SIGSAC Conference on Computer and Communications Security","location":"Copenhagen Denmark","acronym":"CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605764.3623918","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3605764.3623918","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T01:36:30Z","timestamp":1755912990000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605764.3623918"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,26]]},"references-count":50,"alternative-id":["10.1145\/3605764.3623918","10.1145\/3605764"],"URL":"https:\/\/doi.org\/10.1145\/3605764.3623918","relation":{},"subject":[],"published":{"date-parts":[[2023,11,26]]},"assertion":[{"value":"2023-11-26","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}