BIDO: An Out-Of-Distribution Resistant Image-based Malware Detector
Wei Wang, Junhui Li, Chengbin Feng, Zhiwei Yang, Qi Mo
TL;DR
BIDO tackles the vulnerability of image-based Android malware detectors to out-of-distribution samples caused by code obfuscation and concept drift by reframing detection as likelihood estimation within a generative framework. It introduces a three-module architecture: APK image generation, cross-modal representation via an outer product space (OPS), and a flow-based generative classifier that maps cross-modal features to a Gaussian Mixture latent space for class-conditional likelihoods and intrinsic interpretation. The approach simultaneously enhances robustness to OOD and provides interpretable decisions by measuring latent-space distances to class centroids and using likelihood as a confidence score. Empirical results show that BIDO outperforms state-of-the-art baselines across ideal and obfuscated datasets, and ablations confirm the complementary benefits of generative modeling and cross-modal fusion. The work advances practical malware detection by delivering reliable interpretations tied to probabilistic structure, with potential impact on security systems and automated threat analysis.
Abstract
While image-based detectors have shown promise in Android malware detection, they often struggle to maintain their performance and interpretability when encountering out-of-distribution (OOD) samples. Specifically, OOD samples generated by code obfuscation and concept drift exhibit distributions that deviate significantly from the detector's training data. Such shifts not only severely undermine the generalization of detectors to OOD samples but also compromise the reliability of their associated interpretations. To address these challenges, we propose BIDO, a novel generative classifier that reformulates malware detection as a likelihood estimation task. Unlike conventional discriminative methods, BIDO jointly produces classification results and interpretations by explicitly modeling class-conditional distributions, thereby resolving the long-standing separation between detection and explanation. Empirical results demonstrate that BIDO substantially enhances robustness against extreme obfuscation and concept drift while achieving reliable interpretation without sacrificing performance. The source code is available at https://github.com/whatishope/BIDO/.
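The decision rule the TL;DR describes (class-conditional likelihoods in a Gaussian-mixture latent space, likelihood as a confidence score, distance to class centroids as the interpretation) can be illustrated on toy latent vectors. The example below is added here and is not BIDO's code from the linked repository; it assumes a 2-D latent space with one isotropic Gaussian per class, equal priors, and a constructed log-likelihood threshold below which a sample is flagged as OOD rather than forced into a class.

```python
import math

# Constructed stand-in for the flow's latent space: one isotropic Gaussian
# N(mu_k, sigma^2 I) per class. BIDO's real latent space is learned and higher
# dimensional; these centroids, sigma, priors and threshold are assumptions.
CLASS_CENTROIDS = {"benign": (-3.0, 0.0), "malware": (3.0, 0.0)}
SIGMA = 1.0
PRIORS = {"benign": 0.5, "malware": 0.5}
LOG_LIKELIHOOD_OOD_THRESHOLD = -12.0  # constructed rejection threshold on log p(z)


def log_gaussian(z, mu, sigma):
    """Log density of an isotropic Gaussian N(mu, sigma^2 I) at latent point z."""
    d = len(z)
    sq_dist = sum((zi - mi) ** 2 for zi, mi in zip(z, mu))
    return -0.5 * d * math.log(2 * math.pi * sigma ** 2) - sq_dist / (2 * sigma ** 2)


def log_sum_exp(values):
    """Numerically stable log(sum(exp(v) for v in values))."""
    m = max(values)
    return m + math.log(sum(math.exp(v - m) for v in values))


def classify(z):
    """Return label, posterior, marginal log-likelihood, OOD flag and centroid distances."""
    # log p(z, k) = log pi_k + log N(z; mu_k, sigma^2 I) for every class k
    log_joint = {k: math.log(PRIORS[k]) + log_gaussian(z, mu, SIGMA)
                 for k, mu in CLASS_CENTROIDS.items()}
    # log p(z): the likelihood of the sample under the whole mixture, used as confidence
    log_marginal = log_sum_exp(list(log_joint.values()))
    posteriors = {k: math.exp(v - log_marginal) for k, v in log_joint.items()}
    label = max(posteriors, key=posteriors.get)
    # Euclidean distance to each centroid is the intrinsic interpretation of the decision
    distances = {k: math.sqrt(sum((zi - mi) ** 2 for zi, mi in zip(z, mu)))
                 for k, mu in CLASS_CENTROIDS.items()}
    return {
        "label": label,
        "posterior": posteriors[label],
        "log_likelihood": log_marginal,
        "ood": log_marginal < LOG_LIKELIHOOD_OOD_THRESHOLD,
        "distances": distances,
    }


if __name__ == "__main__":
    print(classify((2.5, 0.5)))   # near the malware centroid: confident, in-distribution
    print(classify((0.0, 8.0)))   # far from both centroids: posterior is a coin flip, but low p(z) flags OOD
```

The second sample shows why the likelihood matters: a purely discriminative posterior would still emit a 50/50 answer, whereas the low marginal likelihood marks it as a sample the model should not be trusted on.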
