Adversarial Learning Attacks on Graph-based IoT Malware Detection Systems

Abusnaina, Ahmed; Khormali, Aminollah; Alasmary, Hisham; Park, Jeman; Anwar, Afsah; Mohaisen, Aziz

doi:10.1109/icdcs.2019.00130

Cited by 67 publications

(45 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Table 1). Detailed discussion regarding OSAA can be found in [1]. • GEA: This approach is designed to generate AE that fools the classifier, while preserving the functionality and practicality of the original sample.…”

Section: Evaluation and Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Breaking graph-based IoT malware detection systems using adversarial examples

Abusnaina

Khormali

Alasmary

et al. 2019

Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks

Self Cite

View full text Add to dashboard Cite

The main goal of this study is to investigate the robustness of graphbased Deep Learning (DL) models used for Internet of Things (IoT) malware classification against Adversarial Learning (AL). We designed two approaches to craft adversarial IoT software, including Off-the-Shelf Adversarial Attack (OSAA) methods, using six different AL attack approaches, and Graph Embedding and Augmentation (GEA). The GEA approach aims to preserve the functionality and practicality of the generated adversarial sample through a careful embedding of a benign sample to a malicious one. Our evaluations demonstrate that OSAAs are able to achieve a misclassification rate (MR) of 100%. Moreover, we observed that the GEA approach is able to misclassify all IoT malware samples as benign. CCS CONCEPTS • Security and privacy → Malware and its mitigation.

show abstract

Section: Evaluation and Discussionmentioning

confidence: 99%

“…ACM ISBN 978-1-4503-6726-4/19/05. https://doi.org/10.1145/3317549.3326296 little research work done on understanding the impact of AL on DLbased IoT malware detection system and practical implications [3], particularly those that utilize CFG features for detection [1]. Goal of this study.…”

Section: Introductionmentioning

confidence: 99%

Breaking graph-based IoT malware detection systems using adversarial examples

Abusnaina

Khormali

Alasmary

et al. 2019

Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…Existing research scheme improved the performance of the topology of network without modifications in the structure of distributed nodes. Moreover, we observed that the GEA strategy is definitely capable to mis-classify all IoT malware samples as benign [9]. The attack chart analysis methodology includes three primary levels: (1) network and vulnerability scanning, (2) threat modeling.…”

Section: Figure 1-illustration Of Attack Graph [7]mentioning

confidence: 99%

“…This recognition method can also reduce the detection range, increase recognition accuracy, and improve the robustness and scalability of the detection program [10]. Botnets such as Mirai have utilized insecure consumer IoT products to conduct distributed denial of services (DDoS) events on essential Internet infrastructure [9].…”

Section: Figure 1-illustration Of Attack Graph [7]mentioning

confidence: 99%

Development of QoS Evaluation Algorithm for MQTT Protocol with Reference to Threat Model

2019

ijeat

View full text Add to dashboard Cite

MQTT protocol is publishing-subscribing model for IoT communication. In case of Quality of Services analysis, it is important to check the request and responses between publisher and subscriber. Any threat in communication channel is mostly leads to delay in operation. Hence, if we able to identify the delay parameter, we can suggest by means of QoS that there is a immediate need of security check for IoT system. As many IoT devices performed in unchecked, complicated, and often aggressive surroundings, safe-guarding IoT units present many different challenges. The key purpose for support quality degradation of IoT device interaction can be harmful attacks. Plenty of gadgets are often susceptible to port attacks/botnets hits, such as network attack events, which usually assessed by performing QoS Analysis. To start with factors affecting Quality of Services (QoS), in this paper we developed QoS evaluation algorithm “MQoS” for MQTT protocol and considered QoS-0 as an evaluation parameter. This paper refers the threat model which represents the flow of threats for proposed case study and can help to identify QoS by evaluating the possible communication threats. End–to-end device communication requests and responses are needed to be evaluated for large systems to get the actual QoS parameters for that system. For this reason the actual QoS tests will be conducted for third party applications.In this paper we presented results of MQTTv311 simulation for cooling sensor system.

show abstract

“…However, similar to Convolutional Neural Networks (CNNs), GNNs are also vulnerable to adversarial attacks, one of which is the backdoor attack. Since GNNs are used increasingly more for security applications [1], it is important to study the backdoor attack on GNNs. Otherwise, security concerns will remain.…”

Section: Introductionmentioning

confidence: 99%

Explainability-based Backdoor Attacks Against Graph Neural Networks

Xue

Picek

2021

Proceedings of the 3rd ACM Workshop on Wireless Security and Machine Learning

View full text Add to dashboard Cite

Backdoor attacks represent a serious threat to neural network models. A backdoored model will misclassify the trigger-embedded inputs into an attacker-chosen target label while performing normally on other benign inputs. There are already numerous works on backdoor attacks on neural networks, but only a few works consider graph neural networks (GNNs). As such, there is no intensive research on explaining the impact of trigger injecting position on the performance of backdoor attacks on GNNs.To bridge this gap, we conduct an experimental investigation on the performance of backdoor attacks on GNNs. We apply two powerful GNN explainability approaches to select the optimal trigger injecting position to achieve two attacker objectives -high attack success rate and low clean accuracy drop. Our empirical results on benchmark datasets and state-of-the-art neural network models demonstrate the proposed method's effectiveness in selecting trigger injecting position for backdoor attacks on GNNs. For instance, on the node classification task, the backdoor attack with trigger injecting position selected by GraphLIME reaches over 84% attack success rate with less than 2.5% accuracy drop. CCS CONCEPTS• Security and privacy → Software and application security;

show abstract

Adversarial Learning Attacks on Graph-based IoT Malware Detection Systems

Cited by 67 publications

References 29 publications

Breaking graph-based IoT malware detection systems using adversarial examples

Breaking graph-based IoT malware detection systems using adversarial examples

Development of QoS Evaluation Algorithm for MQTT Protocol with Reference to Threat Model

Explainability-based Backdoor Attacks Against Graph Neural Networks

Contact Info

Product

Resources

About