Exploring Adversarial Examples in Malware Detection

Suciu, Octavian; Coull, Scott E.; Johns, Jeffrey

doi:10.48550/arxiv.1810.08280

Cited by 9 publications

(15 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The concept of using adversarial learning for generating malicious adversarial samples was previously investigated by [20,38,39,44] for generating malware that evade machine learning-based antimalware software and [14,17] for evading text classifiers.…”

Section: Related Workmentioning

confidence: 99%

MaskDGA: An Evasion Attack Against DGA Classifiers and Adversarial Defenses

2020

View full text Add to dashboard Cite

Domain generation algorithms (DGAs) are commonly used by botnets to generate domain names that bots can use to establish communication channels with their command and control servers. Recent publications presented deep learning classifiers that detect algorithmically generated domain (AGD) names in real time with high accuracy and thus significantly reduce the effectiveness of DGAs for botnet communication. In this paper, we present MaskDGA, an evasion technique that uses adversarial learning to modify AGD names in order to evade inline DGA classifiers, without the need for the attacker to possess any knowledge about the DGA classifier's architecture or parameters. MaskDGA was evaluated on four state-of-the-art DGA classifiers and outperformed the recently proposed CharBot and DeepDGA evasion techniques. We also evaluated MaskDGA on enhanced versions of the same classifiers equipped with common adversarial defenses (distillation and adversarial retraining). While the results show that adversarial retraining has some limited effectiveness against the evasion technique, it is clear that a more resilient detection mechanism is required. We also propose an extension to MaskDGA that allows an attacker to omit a subset of the modified AGD names based on the classification results of the attacker's trained model, in order to achieve a desired evasion rate.

show abstract

Section: Related Workmentioning

confidence: 99%

MaskDGA: An Evasion Attack Against DGA Classifiers and Adversarial Defenses

2020

View full text Add to dashboard Cite

show abstract

“…Adversarial Machine Learning Attacks: As analyzed in the previous section, majority of the defense solutions use ML. While the utilization of ML techniques increases the accuracy and enables to effectively detect never-before-seen ransomware samples, recent studies showed that ML-based classifiers are vulnerable attacks that may manipulate either the training data or test data to bypass detection [177]. Such attacks are called as Adversarial ML attacks, and have been applied not only in the computer vision domain, but also other domains including malware.…”

Section: Comprehensiveness Of Defense Solutionsmentioning

confidence: 99%

A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions

Oz,

Aris,

Levi

et al. 2021

Preprint

View full text Add to dashboard Cite

In recent years, ransomware has been one of the most notorious malware targeting end users, governments, and business organizations. It has become a very profitable business for cybercriminals with revenues of millions of dollars, and a very serious threat to organizations with financial loss of billions of dollars. Numerous studies were proposed to address the ransomware threat, including surveys that cover certain aspects of ransomware research. However, no study exists in the literature that gives the complete picture on ransomware and ransomware defense research with respect to the diversity of targeted platforms. Since ransomware is already prevalent in PCs/workstations/desktops/laptops, is becoming more prevalent in mobile devices, and has already hit IoT/CPS recently, and will likely grow further in the IoT/CPS domain very soon, understanding ransomware and analyzing defense mechanisms with respect to target platforms is becoming more imperative. In order to fill this gap and motivate further research, in this paper, we present a comprehensive survey on ransomware and ransomware defense research with respect to PCs/workstations, mobile devices, and IoT/CPS platforms. Specifically, covering 137 studies over the period of 1990-2020, we give a detailed overview of ransomware evolution, comprehensively analyze the key building blocks of ransomware, present a taxonomy of notable ransomware families, and provide an extensive overview of ransomware defense research (i.e., analysis, detection, and recovery) with respect to platforms of PCs/workstations, mobile devices, and IoT/CPS. Moreover, we derive an extensive list of open issues for future ransomware research. We believe this survey will motivate further research by giving a complete picture on state-of-the-art ransomware research. CCS Concepts: • Security and privacy → Malware and its mitigation.

show abstract

“…The Random Append attack and Gradient Append attacks are two types of append attacks which work by appending byte values from a uniform distribution sample and gradually modifying the appended byte values using the input gradient value. Two additional variations of append attacks; the benign append and the FGM Append were introduced by [65] which improves the long convergence time experienced in previous attacks.…”

Section: A Adversarial Attacks On ML For Endpoint Protectionmentioning

confidence: 99%

“…When malware binaries have exceeded the model's maximum size, it is impossible to append additional bytes to them. Hence a slack attack proposed by [65] exploits the existing bytes of the malware binaries. The most common form of the slack attack is the Slack FGM Attack which defines a set of slack bytes that can be freely modified without breaking the malware functionality.…”

Section: A Adversarial Attacks On ML For Endpoint Protectionmentioning

confidence: 99%

The Threat of Adversarial Attacks on Machine Learning in Network Security -- A Survey

Ibitoye¹,

Rana²,

Shehaby³

et al. 2019

Preprint

View full text Add to dashboard Cite

Machine learning models have made many decision support systems to be faster, more accurate and more efficient. However, applications of machine learning in network security face more disproportionate threat of active adversarial attacks compared to other domains. This is because machine learning applications in network security such as malware detection, intrusion detection, and spam filtering are by themselves adversarial in nature. In what could be considered an arms race between attackers and defenders, adversaries constantly probe machine learning systems with inputs which are explicitly designed to bypass the system and induce a wrong prediction. In this survey, we first provide a taxonomy of machine learning techniques, styles, and algorithms. We then introduce a classification of machine learning in network security applications. Next, we examine various adversarial attacks against machine learning in network security and introduce two classification approaches for adversarial attacks in network security. First, we classify adversarial attacks in network security based on a taxonomy of network security applications. Secondly, we categorize adversarial attacks in network security into a problem space vs. feature space dimensional classification model. We then analyze the various defenses against adversarial attacks on machine learning-based network security applications. We conclude by introducing an adversarial risk model and evaluate several existing adversarial attacks against machine learning in network security using the risk model. We also identify where each attack classification resides within the adversarial risk model.

show abstract

Exploring Adversarial Examples in Malware Detection

Cited by 9 publications

References 0 publications

MaskDGA: An Evasion Attack Against DGA Classifiers and Adversarial Defenses

MaskDGA: An Evasion Attack Against DGA Classifiers and Adversarial Defenses

A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions

The Threat of Adversarial Attacks on Machine Learning in Network Security -- A Survey

Contact Info

Product

Resources

About