A Comparison of State-of-the-Art Techniques for Generating Adversarial Malware Binaries

Dasgupta, Prithviraj; Osman, Zachariah

doi:10.48550/arxiv.2111.11487

Cited by 1 publication

(2 citation statements)

References 23 publications

(29 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We chose MalConv, a popular DL-based static malware detection model, which is used as the target model for many malware adversarial attacks [14,15,[30][31][32][33][34][35]. We reproduced the model using the Python programming language.…”

Section: The Experimental Results Of Malware Detectormentioning

confidence: 99%

“…The function of this step is to train a mature malware detection model. For the DL-based static malware detector, we choose the MalConv model(as shown in Figure 3), which is not only the current popular malware detection model, but also the target model selected by many malware adversarial attacks [14,15,[30][31][32][33][34][35]. By training the MalConv model, a binary classifier that can distinguish benign samples from malicious samples can be obtained.…”

Section: Our Scheme 41 Training Malware Detectormentioning

confidence: 99%

See 1 more Smart Citation

MalDBA: Detection for Query-Based Malware Black-Box Adversarial Attacks

et al. 2023

View full text Add to dashboard Cite

The increasing popularity of Industry 4.0 has led to more and more security risks, and malware adversarial attacks emerge in an endless stream, posing great challenges to user data security and privacy protection. In this paper, we investigate the stateful detection method for artificial intelligence deep learning-based malware black-box attacks, i.e., determining the presence of adversarial attacks rather than detecting whether the input samples are malicious or not. To this end, we propose the MalDBA method for experiments on the VirusShare dataset. We find that query-based black-box attacks produce a series of highly similar historical query results (also known as intermediate samples). By comparing the similarity among these intermediate samples and the trend of prediction scores returned by the detector, we can detect the presence of adversarial samples in indexed samples and thus determine whether an adversarial attack has occurred, and then protect user data security and privacy. The experimental results show that the attack detection rate can reach 100%. Compared to similar studies, our method does not require heavy feature extraction tasks or image conversion and can be operated on complete PE files without requiring a strong hardware platform.

show abstract