Skip to main content

Explaining Concept Drift of Deep Learning Models

  • Conference paper
  • First Online:
Cyberspace Safety and Security (CSS 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11983))

Included in the following conference series:

  • 1454 Accesses

Abstract

Deep learning has been widely used in many fields and has achieved excellent performance, especially in the field of malware detection. Since attackers constantly change malware to avoid being detected by machine learning algorithms, the concept drift phenomenon often occurs when deep neural networks are used for malware classification, degrading the effect of the detection model over time. In this paper, we analyze the characteristics of neural nodes from the internal structure of neural network models. A threshold method is used to prove that different classes of samples activate different neurons whileas samples of the same class activate the same neurons. We explore the reason for concept drift of deep learning models and further improve the interpretability of neural networks by analyzing the distribution of samples before and after the concept drift.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Bengio, Y.: Learning deep architectures for AI. Found. Trends Mach. Learn. 2(1), 1–127 (2009)

    Article  MathSciNet  Google Scholar 

  2. Yuan, Z., Lu, Y., Xue, Y.: Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(1), 114–123 (2016)

    Article  Google Scholar 

  3. Ye, Y., Chen, L., Hou, S., Hardy, W., Li, X.: Deepam: a heterogeneous deep learning framework for intelligent malware detection. Knowl. Inf. Syst. 54(2), 265–285 (2018)

    Article  Google Scholar 

  4. Yuan, X.Y.: Ph.D. forum: deep learning-based real-time malware detection with multi-stage analysis, pp. 1–2, May 2017

    Google Scholar 

  5. Shen, Y., Mariconti, E., Vervier, P.A., Stringhini, G.: Tiresias: predicting security events through deep learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, New York, NY, USA, pp. 592–605. ACM (2018)

    Google Scholar 

  6. Shone, N., Ngoc, T.N., Phai, V.D., Shi, Q.: A deep learning approach to network intrusion detection. IEEE Trans. Emerging Topics Comput. Intell. 2(1), 41–50 (2018)

    Article  Google Scholar 

  7. Roy, S.S., Mallik, A., Gulati, R., Obaidat, M.S., Krishna, P.V.: A deep learning based artificial neural network approach for intrusion detection. In: Giri, D., Mohapatra, R.N., Begehr, H., Obaidat, M.S. (eds.) ICMC 2017. CCIS, vol. 655, pp. 44–53. Springer, Singapore (2017). https://doi.org/10.1007/978-981-10-4642-1_5

    Chapter  Google Scholar 

  8. Kang, M., Kang, J.: A novel intrusion detection method using deep neural network for in-vehicle network security. In: 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring), pp. 1–5, May 2016

    Google Scholar 

  9. Pei, K., Cao, Y., Yang, J., Jana, S.: Deepxplore: automated whitebox testing of deep learning systems, pp. 1–18, October 2017

    Google Scholar 

  10. Guo, W., Mu, D., Xu, J., Su, P., Wang, G., Xing, X.: Lemna: explaining deep learning based security applications. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, New York, NY, USA, pp. 364–379. ACM (2018)

    Google Scholar 

  11. Bastani, O., Kim, C., Bastani, H.: Interpreting blackbox models via model extraction. CoRR, abs/1705.08504 (2017)

    Google Scholar 

  12. Radford, A., Józefowicz, R., Sutskever, I.: Learning to generate reviews and discovering sentiment. CoRR, abs/1704.01444 (2017)

    Google Scholar 

  13. Jordaney, R., et al.: Transcend: detecting concept drift in malware classification models. In: 26th USENIX Security Symposium (USENIX Security 17), pp. 625–642. USENIX Association, Vancouver, BC (2017)

    Google Scholar 

  14. Wang, Z., Qin, M., Chen, M., Jia, C., Ma, Y.: A learning evasive email-based P2P-like botnet. China Commun. 15(2), 15–24 (2018)

    Article  Google Scholar 

  15. Wang, Z., et al.: A hybrid learning system to mitigate botnet concept drift attacks. J. Internet Technol. 18(6), 1419–1428 (2017)

    Google Scholar 

  16. Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket, February 2014

    Google Scholar 

  17. Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.: Adversarial perturbations against deep neural networks for malware classification, June 2016

    Google Scholar 

Download references

Acknowledgment

This work is partially supported by the National Natural Science Foundation (61872202), the CERNET Innovation Project (NGII20180401).

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Zhi Wang or Chunfu Jia .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wang, X., Wang, Z., Shao, W., Jia, C., Li, X. (2019). Explaining Concept Drift of Deep Learning Models. In: Vaidya, J., Zhang, X., Li, J. (eds) Cyberspace Safety and Security. CSS 2019. Lecture Notes in Computer Science(), vol 11983. Springer, Cham. https://doi.org/10.1007/978-3-030-37352-8_46

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-37352-8_46

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-37351-1

  • Online ISBN: 978-3-030-37352-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics