Computer Science

Computer Science ›› 2021, Vol. 48 ›› Issue (5): 60-67.doi: 10.11896/jsjkx.200300127

• Computer Software • Previous Articles     Next Articles

Black-box Adversarial Attack Method Towards Malware Detection

CHEN Jin-yin, ZOU Jian-fei, YUAN Jun-kun, YE Lin-hui   

  1. School of Information Engineering,Zhejiang University of Technology,Hangzhou 310023,China
  • Received:2020-03-23 Revised:2020-08-28 Online:2021-05-15 Published:2021-05-09
  • About author:CHEN Jin-yin,born in 1982,Ph.D,associate professor.Her main research interests include artificial intelligence security,data mining and intelligent computing.
  • Supported by:
    Major Special Funding for “Science and Technology Innovation 2025” of Ningbo,China(2018B10063).

PDF (PC)

1240

Abstract: Deep learning method has been widely used in malware detection,which also has an excellent performance in the aspect of classification accuracy.Meanwhile,deep neural networks are vulnerable to adversarial attacks in the form of subtle perturbations added on the input data,resulting in incorrect predictive results,such as escaping the malware detection.Aiming at the security of malware detection method based on deep learning,this paper proposes a black-box adversarial attack method towards the malware detection model.First,it uses the generative adversarial net model to generate the adversarial examples.Then,the gene-rated adversarial examples are identified as the pre-set target type to achieve the target attack.Finally,experiments are carried out on the Kaggle competition malware dataset to verify the effectiveness of the black-box attack method.Furthermore,the generated adversarial examples are applied to attack other classification models to testify the strong transfer attack capacity of the proposed black-box attack method.

Key words: Adversarial attack, Black-box attack, Deep learning, Generative adversarial network, Malware detection

CLC Number: 

  • TP391
[1]KEPHART J O.Automatic extraction of computer virus signatures[C]//Proc.4th Virus Bulletin International Conference.Abingdon,England,1994:178-184.
[2]BRUMLEY D,WANG H,JHA S,et al.Creating Vulnerability Signatures Using Weakest Preconditions[C]//20th IEEE Computer Security Foundations Symposium(CSF'07).Venice,2007:311-325.
[3]WANG K,CRETU G,STOLFO S J.Anomalous Payload-Based Worm Detection and Signature Generation[C]//Recent Advances in Intrusion Detection.RAID,2005:227-246.
[4]PORTOKALIDIS G,SLOWINSKA A,BOS H.Argos:an emulator for fingerprinting zero-day attacks[C]//EuroSys 2006.2006.
[5]GOODFELLOW I J,SHLENS J,SZEGEDY C.Explaining and harnessing adversarial examples[J].arXiv:1412.6572,2014.
[6]SZEGEDY C,ZAREMBA W,SUTSKEVER I,et al.Intriguing properties of neural networks[J].arXiv:1312.6199,2013.
[7]YE Y,LI T,ZHU S,et al.Combining file content and file rela-tions for cloud based malware detection[C]//Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining.ACM,2011:222-230.
[8]SUNG A H,XU J,CHAVEZ P,et al.Static analyzer of vicious executables(save)[C]//20th Annual Computer Security Applications Conference.IEEE,2004:326-334.
[9]KENDALL K,MCMILLAN C.Practical malware analysis[C]//Black Hat Conference.2007:10.
[10]BAZRAFSHAN Z,HASHEMI H,FARD S M H,et al.A survey on heuristic malware detection techniques[C]//The 5th Conference on Information and Knowledge Technology.IEEE,2013:113-120.
[11]YE Y,LI T,ADJEROH D,et al.A survey on malware detection using data mining techniques[J].ACM Computing Surveys(CSUR),2017,50(3):41.
[12]EGELE M,SCHOLTE T,KIRDA E,et al.A survey on automated dynamic malware-analysis techniques and tools[J].ACM computing surveys(CSUR),2012,44(2):6.
[13]FOSSI M,JOHNSON E,MACK T,et al.Symantec global Internet security threat report trends for 2008[J].Methodology,2005(April):1-3.
[14]BERLIN K,SLATER D,SAXE J.Malicious behavior detection using windows audit logs[C]//Proceedings of the 8th ACM Workshop on Artificial Intelligence and Security.ACM,2015:35-44.
[15]KONG D,YAN G.Discriminant malware distance learning on structural information for automated malware classification[C]//Proceedings of the 19th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.ACM,2013:1357-1365.
[16]ANNACHHATRE C,AUSTIN T H,STAMP M.HiddenMarkov models for malware classification[J].Journal of Computer Virology and Hacking Techniques,2015,11(2):59-73.
[17]GARCIA F C C,MUGA I I,FELIX P.Random forest for malware classification[J].arXiv:1609.07770,2016.
[18]YE Y,CHEN L,HOU S,et al.DeepAM:a heterogeneous deep learning framework for intelligent malware detection[J].Knowledge and Information Systems,2018,54(2):265-285.
[19]HUDA S,MIAH S,HASSAN M M,et al.Defending unknown attacks on cyber-physical systems by semi-supervised approach and available unlabeled data[J].Information Sciences,2017,379:211-228.
[20]WANG Q,GUO W,ZHANG K,et al.Adversary resistant deep neural networks with an application to malware detection[C]//Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.ACM,2017:1145-1153.
[21]PASCANU R,STOKES J W,SANOSSIAN H,et al.Malware classification with recurrent networks[C]//2015 IEEE International Conference on Acoustics,Speech and Signal Processing(ICASSP).IEEE,2015:1916-1920.
[22]RAFF E,BARKER J,SYLVESTER J,et al.Malware detection by eating a whole exe[C]//Workshops at the Thirty-Second AAAI Conference on Artificial Intelligence.2018.
[23]KOLOSNJAJI B,DEMONTIS A,BIGGIO B,et al.Adversarial malware binaries:Evading deep learning for malware detection in executables[C]//2018 26th European Signal Processing Conference(EUSIPCO).IEEE,2018:533-537.
[24]KREUK F,BARAK A,AVIV-REUVEN S,et al.Deceiving end-to-end deep learning malware detectors using adversarial examples[J].arXiv:1802.04528,2018.
[25]HU W,TAN Y.Generating adversarial malware examples forblack-box attacks based on GAN[J].arXiv:1702.05983,2017.
[26]ANDERSON H S,KHARKAR A,FILAR B,et al.Evading machine learning malware detection[R].USA:Black Hat.,2017.
[27]KIM J Y,BU S J,CHO S B.Zero-day malware detection using transferred generative adversarial networks based on deep autoencoders[J].Information Sciences,2018,460:83-102.
[28]ROSENBERG I,SHABTAI A,ROKACH L,et al.Genericblack-box end-to-end attack against state of the art API call based malware classifiers[C]//International Symposium on Research in Attacks,Intrusions,and Defenses.Springer,Cham,2018:490-510.
[29]LI H,ZHOU S,YUAN W,et al.Adversarial-Example Attacks Toward Android Malware Detection System[J].IEEE Systems Journal,2019,14(1):653-656.
[30]GOODFELLOW I,POUGET-ABADIE J,MIRZA M,et al.Gene-rative adversarial nets[C]//Advances in Neural Information Processing Systems.2014:2672-2680.
[31]NATARAJ L,KARTHIKEYAN S,JACOB G,et al.Malwareimages:visualization and automatic classification[C]//Procee-dings of the 8th International Symposium on Visualization for Cyber Security.ACM,2011:4.
[32]RONEN R,RADU M,FEUERSTEIN C,et al.Microsoft malware classification challenge[J].arXiv:1802.10135,2018.
[33]RADFORD A,METZ L,CHINTALA S.Unsupervised repre-sentation learning with deep convolutional generative adversarial networks[J].arXiv:1511.06434,2015.
[34]LECUN Y,BOTTOU L,BENGIO Y,et al.Gradient-basedlearning applied to document recognition[C]//Proceedings of the IEEE.1998:2278-2324.
[1] RAO Zhi-shuang, JIA Zhen, ZHANG Fan, LI Tian-rui. Key-Value Relational Memory Networks for Question Answering over Knowledge Graph [J]. Computer Science, 2022, 49(9): 202-207.
[2] TANG Ling-tao, WANG Di, ZHANG Lu-fei, LIU Sheng-yun. Federated Learning Scheme Based on Secure Multi-party Computation and Differential Privacy [J]. Computer Science, 2022, 49(9): 297-305.
[3] ZHANG Jia, DONG Shou-bin. Cross-domain Recommendation Based on Review Aspect-level User Preference Transfer [J]. Computer Science, 2022, 49(9): 41-47.
[4] XU Yong-xin, ZHAO Jun-feng, WANG Ya-sha, XIE Bing, YANG Kai. Temporal Knowledge Graph Representation Learning [J]. Computer Science, 2022, 49(9): 162-171.
[5] WANG Jian, PENG Yu-qi, ZHAO Yu-fei, YANG Jian. Survey of Social Network Public Opinion Information Extraction Based on Deep Learning [J]. Computer Science, 2022, 49(8): 279-293.
[6] HAO Zhi-rong, CHEN Long, HUANG Jia-cheng. Class Discriminative Universal Adversarial Attack for Text Classification [J]. Computer Science, 2022, 49(8): 323-329.
[7] JIANG Meng-han, LI Shao-mei, ZHENG Hong-hao, ZHANG Jian-peng. Rumor Detection Model Based on Improved Position Embedding [J]. Computer Science, 2022, 49(8): 330-335.
[8] SUN Qi, JI Gen-lin, ZHANG Jie. Non-local Attention Based Generative Adversarial Network for Video Abnormal Event Detection [J]. Computer Science, 2022, 49(8): 172-177.
[9] HOU Yu-tao, ABULIZI Abudukelimu, ABUDUKELIMU Halidanmu. Advances in Chinese Pre-training Models [J]. Computer Science, 2022, 49(7): 148-163.
[10] ZHOU Hui, SHI Hao-chen, TU Yao-feng, HUANG Sheng-jun. Robust Deep Neural Network Learning Based on Active Sampling [J]. Computer Science, 2022, 49(7): 164-169.
[11] SU Dan-ning, CAO Gui-tao, WANG Yan-nan, WANG Hong, REN He. Survey of Deep Learning for Radar Emitter Identification Based on Small Sample [J]. Computer Science, 2022, 49(7): 226-235.
[12] HU Yan-yu, ZHAO Long, DONG Xiang-jun. Two-stage Deep Feature Selection Extraction Algorithm for Cancer Classification [J]. Computer Science, 2022, 49(7): 73-78.
[13] DAI Zhao-xia, LI Jin-xin, ZHANG Xiang-dong, XU Xu, MEI Lin, ZHANG Liang. Super-resolution Reconstruction of MRI Based on DNGAN [J]. Computer Science, 2022, 49(7): 113-119.
[14] CHENG Cheng, JIANG Ai-lian. Real-time Semantic Segmentation Method Based on Multi-path Feature Extraction [J]. Computer Science, 2022, 49(7): 120-126.
[15] ZHU Wen-tao, LAN Xian-chao, LUO Huan-lin, YUE Bing, WANG Yang. Remote Sensing Aircraft Target Detection Based on Improved Faster R-CNN [J]. Computer Science, 2022, 49(6A): 378-383.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.