Visible to the public Malware Evasion Attack and Defense

TitleMalware Evasion Attack and Defense
Publication TypeConference Paper
Year of Publication2019
AuthorsHuang, Yonghong, Verma, Utkarsh, Fralick, Celeste, Infantec-Lopez, Gabriel, Kumar, Brajesh, Woodward, Carl
Conference Name2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)
Date Publishedjun
ISBN Number978-1-7281-3030-9
Keywordsadversarial example, adversarial examples, Adversarial Machine Learning, black-box attacks, composability, Data models, defense, defense approaches, Detectors, Evasion Attack, grey-box evasion attacks, invasive software, learning (artificial intelligence), machine learning classifiers, Malware, malware detection systems, malware evasion attack, Metrics, ML classifier, ML-based malware detector, pattern classification, Perturbation methods, pubcrawl, resilience, Resiliency, security, Training, Training data, white box cryptography, White Box Security, white-box evasion attacks

Machine learning (ML) classifiers are vulnerable to adversarial examples. An adversarial example is an input sample which is slightly modified to induce misclassification in an ML classifier. In this work, we investigate white-box and grey-box evasion attacks to an ML-based malware detector and conduct performance evaluations in a real-world setting. We compare the defense approaches in mitigating the attacks. We propose a framework for deploying grey-box and black-box attacks to malware detection systems.

Citation Keyhuang_malware_2019