Attack and Defense of Dynamic Analysis-Based, Adversarial Neural Malware Detection Models

Stokes, Jack W.; De, Wang; Marinescu, Mady; Marino, Marc; Bussone, Brian

doi:10.1109/milcom.2018.8599855

Cited by 25 publications

(20 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The only defense that provided significant robustness is adversarial training. We use the saddle point formulation presented in [24] and the results look promising. It improves robustness against all attacks that adhere to our threat model.…”

Section: Discussionmentioning

confidence: 99%

“…Stokes et al [24] propose different variants for creating adversarial examples, relaxing the constraints on allowed modifications. Instead of only adding features, which preserves the functionality of the malware, the authors also allow for the removal of features.…”

Section: Feature Enabling and Disablingmentioning

confidence: 99%

“…A modification of the ensemble method is proposed by Tramèr [24] looked at ensemble learning to defend malware detectors. In our experiments we train three different models and combine them into an ensemble.…”

Section: Ensemblesmentioning

confidence: 99%

See 2 more Smart Citations

On Effectiveness of Adversarial Examples and Defenses for Malware Classification

Takabi

2019

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

Artificial neural networks have been successfully used for many different classification tasks including malware detection and distinguishing between malicious and non-malicious programs. Although artificial neural networks perform very well on these tasks, they are also vulnerable to adversarial examples. An adversarial example is a sample that has minor modifications made to it so that the neural network misclassifies it. Many techniques have been proposed, both for crafting adversarial examples and for hardening neural networks against them. Most previous work has been done in the image domain. Some of the attacks have been adopted to work in the malware domain which typically deals with binary feature vectors. In order to better understand the space of adversarial examples in malware classification, we study different approaches of crafting adversarial examples and defense techniques in the malware domain and compare their effectiveness on multiple datasets.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Feature Enabling and Disablingmentioning

confidence: 99%

See 1 more Smart Citation

On Effectiveness of Adversarial Examples and Defenses for Malware Classification

Takabi

2019

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

View full text Add to dashboard Cite

show abstract

“…This family sits silently, collecting information and sending it to a remote location. Its variants have a wide range of actions 10 . Calleja [48] has particular analysed on Plankton.…”

Section: E Tf-simhashing Visualizationmentioning

confidence: 99%

“…Although deep learning models can be this neural network, it is computationally very expensive to use backpropagation to learn a very large feature space. A common solution for this situation is to use random projection techniques [10]. The projected feature space is then fed to the deep neural network.…”

Section: Introductionmentioning

confidence: 99%

Malytics: A Malware Detection Scheme

et al. 2018

View full text Add to dashboard Cite

An important problem of cyber-security is malware analysis. Besides good precision and recognition rate, a malware detection scheme needs to be able to generalize well for novel malware families (a.k.a zero-day attacks). It is important that the system does not require excessive computation particularly for deployment on the mobile devices.In this paper, we propose a novel scheme to detect malware which we call Malytics. It is not dependent on any particular tool or operating system. It extracts static features of any given binary file to distinguish malware from benign. Malytics consists of three stages: feature extraction, similarity measurement and classification. The three phases are implemented by a neural network with two hidden layers and an output layer. We show feature extraction, which is performed by tf -simhashing, is equivalent to the first layer of a particular neural network. We evaluate Malytics performance on both Android and Windows platforms. Malytics outperforms a wide range of learning-based techniques and also individual state-of-the-art models on both platforms. We also show Malytics is resilient and robust in addressing zero-day malware samples. The F1-score of Malytics is 97.21% and 99.45% on Android dex file and Windows PE files respectively, in the applied datasets. The speed and efficiency of Malytics are also evaluated.

show abstract

Multi‐aspects AI‐based modeling and adversarial learning for cybersecurity intelligence and robustness: A comprehensive overview

Sarker

2023

Security and Privacy

View full text Add to dashboard Cite

Due to the rising dependency on digital technology, cybersecurity has emerged as a more prominent field of research and application that typically focuses on securing devices, networks, systems, data and other resources from various cyber-attacks, threats, risks, damages, or unauthorized access. Artificial Intelligence (AI), also referred to as a crucial technology of the current Fourth Industrial Revolution (Industry 4.0 or 4IR), could be the key to intelligently dealing with these cyber issues. Various forms of AI methodologies, such as analytical, functional, interactive, textual as well as visual AI can be employed to get the desired cyber solutions according to their computational capabilities. However, the dynamic nature and complexity of real-world situations and data gathered from various cyber sources make it challenging nowadays to build an effective AI-based security model. Moreover, defending robustly against adversarial attacks is still an open question in the area. In this paper, we provide a comprehensive view on "Cybersecurity Intelligence and Robustness", emphasizing multi-aspects AI-based modeling and adversarial learning that could lead to addressing diverse issues in various cyber applications areas such as detecting malware or intrusions, zero-day attacks, phishing, data breach, cyberbullying and other cybercrimes. Thus the eventual security modeling process could be automated, intelligent, and robust compared to traditional security systems. We also emphasize and draw attention to the future aspects of cybersecurity intelligence and robustness along with the research direction within the context of our study. Overall, our goal is not only to explore AI-based modeling and pertinent methodologies but also to focus on the resulting model's applicability for securing our digital systems and society.

show abstract

Attack and Defense of Dynamic Analysis-Based, Adversarial Neural Malware Detection Models

Cited by 25 publications

References 22 publications

On Effectiveness of Adversarial Examples and Defenses for Malware Classification

On Effectiveness of Adversarial Examples and Defenses for Malware Classification

Malytics: A Malware Detection Scheme

Multi‐aspects AI‐based modeling and adversarial learning for cybersecurity intelligence and robustness: A comprehensive overview

Contact Info

Product

Resources

About