2022
DOI: 10.1007/978-3-031-17143-7_21

MaleficNet: Hiding Malware into Deep Neural Networks Using Spread-Spectrum Channel Coding

Abstract: Training high-quality deep learning models is a challenging task due to computational and technical requirements. A growing number of individuals, institutions, and companies increasingly rely on pre-trained, third-party models made available in public repositories. These models are often used directly or integrated in product pipelines with no particular precautions, since they are effectively just data in tensor form and considered safe. In this paper, we raise awareness of a new machine learning supply chain…

Cited by 4 publications (4 citation statements)
References 49 publications
“…Instead of embedding the data in the model's function, other studies tried embedding the data in the model's parameters using steganography [23,24,56]. However, as shown in Section VI, we found that these methods are easily mitigated during export if a small amount of random Gaussian noise is added to the parameters.…”
Section: B Data Extraction | Type: mentioning
confidence: 93%
“…To build a ground truth dataset of Indicator objects, we retrieve scanning reports from three services: VirusTotal, HybridAnalysis, and MetaDefender, which are widely used to validate threat indicators [28], [38], [37], [21], [55]. For each attribute type (i.e., malware hashes, domains, URLs, and IP addresses), VirusTotal and MetaDefender provide detection results from various anomaly detection engines, and HybridAnalysis provides a threat score with three status tags (i.e., malicious, suspicious, and no specific threat).…”
Section: A Improper Value | Type: mentioning
confidence: 99%
“…To obtain more reliable and accurate actual security threat data, we use at least three representative services related to each measurement (e.g., VirusTotal, HybridAnalysis, and MetaDefender for the timeliness analysis) as sources of security threat data instead of relying on a single service. Note that these sources are widely used as ground truth in prior works [28], [38], [37], [21], [55], [67], [59], [32].…”
Section: Limitations | Type: mentioning
confidence: 99%
“…Decision trees provided a straightforward yet powerful means of classifying ransomware activities based on distinct features, which helped in isolating anomalous patterns indicative of ransomware attacks [1], [2]. Neural networks, with their deep learning capabilities, allowed for the modeling of complex relationships within large datasets, significantly enhancing the ability to detect subtle ransomware signatures that traditional methods might overlook [3], [4]. Support vector machines leveraged hyperplane-based classification to separate benign from malicious activities with high accuracy, thus offering a robust solution for early-stage ransomware detection [5]-[7].…”
Section: A Machine Learning Approaches | Type: mentioning
confidence: 99%