Do Gradient-based Explanations Tell Anything About Adversarial Robustness to Android Malware?
Machine-learning algorithms trained on features extracted from static code analysis can successfully detect Android malware. However, these approaches can be evaded by sparse evasion attacks that produce adversarial malware samples in which only few features are modified. This can be achieved, e.g., by injecting a small set of fake perm...More
PPT (Upload PPT)