Adversarial Examples for Malware Detection

Grosse, Kathrin; Papernot, Nicolas; Manoharan, Praveen; Backes, Michael; McDaniel, Patrick

doi:10.1007/978-3-319-66399-9_4

Cited by 456 publications

(438 citation statements)

References 20 publications

Supporting

Mentioning

436

Contrasting

Order By: Relevance

“…A similar approach was also adopted in [11]. Furthermore, as discussed in [11], malware data contains stricter semantics in comparison to image data.…”

Section: Datasets and Experimental Designmentioning

confidence: 99%

“…A similar approach was also adopted in [11]. Furthermore, as discussed in [11], malware data contains stricter semantics in comparison to image data. In our case, each feature of a malware sample indicates whether or not a potential bit of malware has initiated a certain le system access.…”

Section: Datasets and Experimental Designmentioning

confidence: 99%

“…With the broad adoption of DNNs in malware detection, we speculate malware authors will also increasingly seek to exploit this vulnerability to circumvent malware detection. To note, recent research has already demonstrated that a malware author can leverage feature amplitude inequilibrium to bypass malware detectors powered by DNNs [1,11].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Adversary Resistant Deep Neural Networks with an Application to Malware Detection

Wang

Guo

Zhang

et al. 2017

Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining

138

View full text Add to dashboard Cite

Beyond its highly publicized victories in Go, there have been numerous successful applications of deep learning in information retrieval, computer vision and speech recognition. In cybersecurity, an increasing number of companies have become excited about the potential of deep learning, and have started to use it for various security incidents, the most popular being malware detection.ese companies assert that deep learning (DL) could help turn the tide in the ba le against malware infections. However, deep neural networks (DNNs) are vulnerable to adversarial samples, a aw that plagues most if not all statistical learning models. Recent research has demonstrated that those with malicious intent can easily circumvent deep learning-powered malware detection by exploiting this aw.In order to address this problem, previous work has developed various defense mechanisms that either augmenting training data or enhance model's complexity. However, a er a thorough analysis of the fundamental aw in DNNs, we discover that the e ectiveness of current defenses is limited and, more importantly, cannot provide theoretical guarantees as to their robustness against adversarial sampled-based a acks. As such, we propose a new adversary resistant technique that obstructs a ackers from constructing impactful adversarial samples by randomly nullifying features within samples. In this work, we evaluate our proposed technique against a real world dataset with 14,679 malware variants and 17,399 benign programs. We theoretically validate the robustness of our technique, and empirically show that our technique signi cantly boosts DNN robustness to adversarial samples while maintaining high accuracy in classi cation. To demonstrate the general applicability of our proposed method, we also conduct experiments using the MNIST and CIFAR-10 datasets, generally used in image recognition research. ACM Reference format:

show abstract

“…A similar approach was also adopted in [11]. Furthermore, as discussed in [11], malware data contains stricter semantics in comparison to image data.…”

Section: Datasets and Experimental Designmentioning

confidence: 99%

Section: Datasets and Experimental Designmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Adversary Resistant Deep Neural Networks with an Application to Malware Detection

Wang

Guo

Zhang

et al. 2017

Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining

138

View full text Add to dashboard Cite

show abstract

“…They are also used in computer security applications such as malware detection. One of the challenges in developing such models are intelligent adversaries who are actively trying to evade them by perturbing the trained model (Grosse, Papernot, Manoharan, Backes, & McDaniel, ).…”

Section: Adversarial Attacksmentioning

confidence: 99%

Machine learning in cybersecurity: A review

Handa

Sharma

Shukla

2019

WIREs Data Min & Knowl

106

View full text Add to dashboard Cite

Machine learning technology has become mainstream in a large number of domains, and cybersecurity applications of machine learning techniques are plenty. Examples include malware analysis, especially for zero‐day malware detection, threat analysis, anomaly based intrusion detection of prevalent attacks on critical infrastructures, and many others. Due to the ineffectiveness of signature‐based methods in detecting zero day attacks or even slight variants of known attacks, machine learning‐based detection is being used by researchers in many cybersecurity products. In this review, we discuss several areas of cybersecurity where machine learning is used as a tool. We also provide a few glimpses of adversarial attacks on machine learning algorithms to manipulate training and test data of classifiers, to render such tools ineffective. This article is categorized under: Application Areas > Science and Technology Technologies > Machine Learning Technologies > Classification Application Areas > Data Mining Software Tools

show abstract

“…Another example arise in the context of software classification, where the objective of the adversary is to force the machine learning algorithm to misclassify a malicious software (malware) as a benign one, for example [20], [21], [22]. In that context, there has been several works that provide involved approaches for such a task.…”

Section: Understanding the Space Of Robust Machine Learningmentioning

confidence: 99%

Computer Systems Have 99 Problems, Let's Not Make Machine Learning Another One

Mohaisen

Chen

2019

2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)

View full text Add to dashboard Cite

Machine learning techniques are finding many applications in computer systems, including many tasks that require decision making: network optimization, quality of service assurance, and security. We believe machine learning systems are here to stay, and to materialize on their potential we advocate a fresh look at various key issues that need further attention, including security as a requirement and system complexity, and how machine learning systems affect them. We also discuss reproducibility as a key requirement for sustainable machine learning systems, and leads to pursuing it.

show abstract

Adversarial Examples for Malware Detection

Cited by 456 publications

References 20 publications

Adversary Resistant Deep Neural Networks with an Application to Malware Detection

Adversary Resistant Deep Neural Networks with an Application to Malware Detection

Machine learning in cybersecurity: A review

Computer Systems Have 99 Problems, Let's Not Make Machine Learning Another One

Contact Info

Product

Resources

About