Adversarial Deep Ensemble: Evasion Attacks and Defenses for Malware Detection

Li, Deqiang; Li, Qianmu

doi:10.1109/tifs.2020.3003571

Cited by 117 publications

(82 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…More generic and stable approaches are therefore required to solve these problems. Researchers are developing ensemble classifiers [33][34][35][36][37] that are less vulnerable to the limitations of malware datasets. Ensemble methods [38,39] combine multiple machine learning algorithms to improve final prediction accuracy while minimizing the risk of overfitting in the training outcomes so that the training dataset can be used more efficiently and, as a consequence, higher generalization can be attained.…”

Section: Related Workmentioning

confidence: 99%

Windows PE Malware Detection Using Ensemble Learning

et al. 2021

View full text Add to dashboard Cite

In this Internet age, there are increasingly many threats to the security and safety of users daily. One of such threats is malicious software otherwise known as malware (ransomware, Trojans, viruses, etc.). The effect of this threat can lead to loss or malicious replacement of important information (such as bank account details, etc.). Malware creators have been able to bypass traditional methods of malware detection, which can be time-consuming and unreliable for unknown malware. This motivates the need for intelligent ways to detect malware, especially new malware which have not been evaluated or studied before. Machine learning provides an intelligent way to detect malware and comprises two stages: feature extraction and classification. This study suggests an ensemble learning-based method for malware detection. The base stage classification is done by a stacked ensemble of fully-connected and one-dimensional convolutional neural networks (CNNs), whereas the end-stage classification is done by a machine learning algorithm. For a meta-learner, we analyzed and compared 15 machine learning classifiers. For comparison, five machine learning algorithms were used: naïve Bayes, decision tree, random forest, gradient boosting, and AdaBoosting. The results of experiments made on the Windows Portable Executable (PE) malware dataset are presented. The best results were obtained by an ensemble of seven neural networks and the ExtraTrees classifier as a final-stage classifier.

show abstract

Section: Related Workmentioning

confidence: 99%

Windows PE Malware Detection Using Ensemble Learning

et al. 2021

View full text Add to dashboard Cite

show abstract

“…Multiple independent models jointly constitute the AI system. And the possibility of the whole system being affected by the poisoning attack is further reduced due to the different training datasets adopted by multiple models [79].…”

Section: Ensemble Learningmentioning

confidence: 99%

A Survey on Adversarial Attack in the Age of Artificial Intelligence

Kong

Xue

Wang

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

With the rapid evolution of the Internet, the application of artificial intelligence fields is more and more extensive, and the era of AI has come. At the same time, adversarial attacks in the AI field are also frequent. Therefore, the research into adversarial attack security is extremely urgent. An increasing number of researchers are working in this field. We provide a comprehensive review of the theories and methods that enable researchers to enter the field of adversarial attack. This article is according to the “Why? → What? → How?” research line for elaboration. Firstly, we explain the significance of adversarial attack. Then, we introduce the concepts, types, and hazards of adversarial attack. Finally, we review the typical attack algorithms and defense techniques in each application area. Facing the increasingly complex neural network model, this paper focuses on the fields of image, text, and malicious code and focuses on the adversarial attack classifications and methods of these three data types, so that researchers can quickly find their own type of study. At the end of this review, we also raised some discussions and open issues and compared them with other similar reviews.

show abstract

“…The evasion attack has extensive applications using adversarial examples (Suciu et al 2019). Li and Li (2020) proposed a mixture of attacks to generate AME without ruining its malicious functionality using semantic characteristics and byte features. Grosse et al (2016) constructed highly effective AME crafting attacks using an improved FFNN.…”

Section: Adversarial Malware Examples For Evasion Attackmentioning

confidence: 99%

LSGAN-AT: enhancing malware detector robustness against adversarial examples

et al. 2021

View full text Add to dashboard Cite

Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor to the robustness enhancement. Generative Adversarial Network (GAN) is a kind of AME generation method, but the existing GAN-based AME generation methods have the issues of inadequate optimization, mode collapse and training instability. In this paper, we propose a novel approach (denote as LSGAN-AT) to enhance ML-based malware detector robustness against Adversarial Examples, which includes LSGAN module and AT module. LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and Least Square (LS) loss to optimize boundary samples. AT module makes adversarial training using AME generated by LSGAN to generate ML-based Robust Malware Detector (RMD). Extensive experiment results validate the better transferability of AME in terms of attacking 6 ML detectors and the RMD transferability in terms of resisting the MalGAN black-box attack. The results also verify the performance of the generated RMD in the recognition rate of AME.

show abstract

Adversarial Deep Ensemble: Evasion Attacks and Defenses for Malware Detection

Cited by 117 publications

References 30 publications

Windows PE Malware Detection Using Ensemble Learning

Windows PE Malware Detection Using Ensemble Learning

A Survey on Adversarial Attack in the Age of Artificial Intelligence

LSGAN-AT: enhancing malware detector robustness against adversarial examples

Contact Info

Product

Resources

About