REVIEW 1 cited by
The Impact of Train-Test Leakage on Machine Learning-based Android Malware Detection
Not yet reviewed by Pith; the record is open.
This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.
SPECIMEN: schema-true, not a live event
T0 review · schema-true
One-sentence machine reading of the paper's core claim.
pith:XXXXXXXX · record.json · timestamp
The Impact of Train-Test Leakage on Machine Learning-based Android Malware Detection
read the original abstract
When machine learning is used for Android malware detection, an app needs to be represented in a numerical format for training and testing. We identify a widespread occurrence of distinct Android apps that have identical or nearly identical app representations. In particular, among app samples in the testing dataset, there can be a significant percentage of apps that have an identical or nearly identical representation to an app in the training dataset. This will lead to a data leakage problem that inflates a machine learning model's performance as measured on the testing dataset. The data leakage not only could lead to overly optimistic perceptions on the machine learning models' ability to generalize beyond the data on which they are trained, in some cases it could also lead to qualitatively different conclusions being drawn from the research. We present two case studies to illustrate this impact. In the first case study, the data leakage inflated the performance results but did not impact the overall conclusions made by the researchers in a qualitative way. In the second case study, the data leakage problem would have led to qualitatively different conclusions being drawn from the research. We further examine the real-world impact of the data leakage by dissecting the capability of memorization and the capability of generalization of a machine learning model, and show that by removing leakage from testing data, the evaluation results better reflect the machine learning model's utility in real-world Android malware detection scenarios.
Forward citations
Cited by 1 Pith paper
-
Look-Ahead-Freedom as Temporal Non-Interference: A Verifiable Correctness Property for Backtesting and Agentic Trading Pipelines
Look-ahead-freedom is temporal non-interference; it is undecidable with value-dependent availability but soundly checkable in linear time on the value-independent pipelines practitioners write.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.