Evading API Call Sequence Based Malware Classifiers
作者: Fenil Fadadu , Anand Handa , Nitesh Kumar , Sandeep Kumar Shukla
DOI: 10.1007/978-3-030-41579-2_2
关键词: Artificial intelligence 、 Transformation (function) 、 Payload (computing) 、 Adversarial machine learning 、 Evasion (network security) 、 Computer science 、 Sequence 、 Random forest 、 Machine learning 、 Decision tree 、 Malware
摘要: In this paper, we present a mimicry attack to transform malware binary, which can evade detection by API call sequence based classifiers. While original was detectable classifiers, transformed malware, when run, with modified without compromising the payload of original, is effectively able avoid detection. Our model effective against large set classifiers includes linear models such as Random Forest (RF), Decision Tree (DT) and XGBoost fully connected NNs, CNNs RNNs its variants. implementation easy use (i.e., transformation only requires running couple commands) generic works for any requiring specific changes). We also show that adversarial retraining make robust evasion attacks.
springer.com
sci-hub.st 参考文章(11)
Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Andreas Müller, Joel Nothman, Gilles Louppe, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, Jake Vanderplas, Alexandre Passos, David Cournapeau, Matthieu Brucher, Matthieu Perrot, Édouard Duchesnay, Scikit-learn: Machine Learning in Python Journal of Machine Learning Research. ,vol. 12, pp. 2825- 2830 ,(2011)
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, Konrad Rieck, CERT Siemens, DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. network and distributed system security symposium. ,(2014) , 10.14722/NDSS.2014.23247
Nicolas Papernot, Patrick D. McDaniel, Kathrin Grosse, Praveen Manoharan, Michael Backes, Adversarial Perturbations Against Deep Neural Networks for Malware Classification arXiv: Cryptography and Security. ,(2016)
Ishai Rosenberg, Asaf Shabtai, Lior Rokach, Yuval Elovici, Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers recent advances in intrusion detection. pp. 490- 510 ,(2018) , 10.1007/978-3-030-00470-5_23
Lingwei Chen, Yanfang Ye, Thirimachos Bourlai, Adversarial Machine Learning in Malware Detection: Arms Race between Evasion Attack and Defense european intelligence and security informatics conference. pp. 99- 106 ,(2017) , 10.1109/EISIC.2017.21
Emil C. Lupu, Luis Muñoz-González, András György, Andrea Paudice, Detection of Adversarial Training Examples in Poisoning Attacks through Anomaly Detection. arXiv: Machine Learning. ,(2018)
Benny Pinkas, Joseph Keshet, Felix Kreuk, Shir Aviv-Reuven, Assi Barak, Moran Baruch, Adversarial Examples on Discrete Sequences for Beating Whole-Binary Malware Detection. ,(2018)
Naveed Akhtar, Ajmal Mian, Threat of Adversarial Attacks on Deep Learning in Computer Vision: A Survey IEEE Access. ,vol. 6, pp. 14410- 14430 ,(2018) , 10.1109/ACCESS.2018.2807385
Jack W. Stokes, De Wang, Mady Marinescu, Marc Marino, Brian Bussone, Attack and Defense of Dynamic Analysis-Based, Adversarial Neural Malware Detection Models MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM). pp. 1- 8 ,(2018) , 10.1109/MILCOM.2018.8599855
William Fleshman, Edward Raff, Richard Zak, Mark McLean, Charles Nicholas, Static Malware Detection & Subterfuge: Quantifying the Robustness of Machine Learning and Current Anti-Virus international conference on malicious and unwanted software. pp. 3- 10 ,(2018) , 10.1109/MALWARE.2018.8659360