MDEA: Malware Detection with Evolutionary Adversarial Learning | IEEE Conference Publication | IEEE Xplore

MDEA: Malware Detection with Evolutionary Adversarial Learning


Abstract:

Malware detection has used machine learning to detect malware in programs. These applications feed raw or processed binary data to neural network models that classify files as benign or malicious. Even though this approach has proven effective against dynamic changes, such as encrypting, obfuscating and packing techniques, it is vulnerable to specific evasion attacks in which small changes in the input data cause misclassification at test time. This paper proposes a new approach: MDEA, an Adversarial Malware Detection model that uses evolutionary optimization to create attack samples to make the network robust against evasion attacks. By retraining the model with the evolved malware samples, its performance improves by a significant margin.
Date of Conference: 19-24 July 2020
Date Added to IEEE Xplore: 03 September 2020
Conference Location: Glasgow, UK

I. Introduction

The high proliferation of and dependence on computing resources in daily life has greatly increased the potential of malware to harm consumers [1]. It is estimated that almost one in four computers operating in the U.S. were already infected by malware in 2008 [2], and according to Kaspersky Lab, up to one billion dollars was stolen from financial institutions worldwide due to malware attacks in 2015 [3]. More recently, the notorious and widespread NotPetya ransomware attack is estimated to have caused $10 billion in damages worldwide. Even worse, as reported by McAfee Labs, the diversity of malware is still evolving in expanding areas such that in Q1 2018, on average, five new malware samples were generated per second [4]. As a specific example, total coin miner malware rose by 629% in Q1 to more than 2.9 million samples in 2018 [4].

References

[1] A. Acquisti and J. Grossklags, "Privacy attitudes and privacy behavior", Economics of Information Security Advances in Information Security, pp. 165-178.
[2] A. Plonk and A. Carblanc, Malicious software (malware): A security threat to the internet economy, 2008.
[3] K. Lab, "Carbanak apt: The great bank robbery", Securelist, 2015.
[4] C. Beek, T. Dunton, S. Grobman, M. Karlton, N. Minihane, C. Palm, et al., Mcafee labs threats report, 2018, [online] Available: https://www.mcafee.com/enterprise/enus/assets/reports/rp-quarterly-threats-jun-2018.pdf.
[5] T. Raffetseder, C. Kruegel and E. Kirda, "Detecting system emulators", Lecture Notes in Computer Science Information Security, pp. 1-18.
[6] T. Garfinkel, K. Adams, A. Warfield and J. Franklin, Compatibility is not transparency: Vmm detection myths and …, [online] Available: http://www.cs.cmu.edu/jfrankli/hotos07/vmmdetection hotos07.pdf.
[7] D. K. S. Reddy and A. K. Pujari, "N-gram analysis for computer virus detection", Journal in Computer Virology, vol. 2, no. 3, pp. 231-239, 2006.
[8] M. Narouei, M. Ahmadi, G. Giacinto, H. Takabi and A. Sami, "Dllminer: structural mining for malware detection", Security and Communication Networks, vol. 8, no. 18, pp. 3311-3322, 2015.
[9] K. Rieck, P. Trinius, C. Willems and T. Holz, "Automatic analysis of malware behavior using machine learning", Journal of Computer Security, vol. 19, no. 4, pp. 639-668, 2011.
[10] M. Zakeri, F. Faraji Daneshgar and M. Abbaspour, "A static heuristic approach to detecting malware targets", Security and Communication Networks, vol. 8, no. 17, pp. 3015-3027, 2015.
[11] W. Hardy, L. Chen, S. Hou, Y. Ye and X. Li, "Dl4md: A deep learning framework for intelligent malware detection", Proceedings of the International Conference on Data Mining (DMIN). The Steering Committee of The World Congress in Computer Science Computer Engineering and Applied Computing (WorldComp), pp. 61, 2016.
[12] D. Gibert, Convolutional neural networks for malware classification, 2016.
[13] J. Drew, M. Hahsler and T. Moore, "Polymorphic malware detection using sequence classification methods and ensembles", EURASIP Journal on Information Security, vol. 2017, no. 1, pp. 2, 2017.
[14] J. Yan, Y. Qi and Q. Rao, "Detecting malware with an ensemble method based on deep neural network", Security and Communication Networks, vol. 2018, 2018.
[15] B. Kolosnjaji, A. Demontis, B. Biggio, D. Maiorca, G. Giacinto, C. Eckert, et al., Adversarial malware binaries: Evading deep learning for malware detection in executables, 2018.
[16] I. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, et al., "Generative adversarial nets", Advances in Neural Information Processing Systems 27, pp. 2672-2680, 2014, [online] Available: http://papers.nips.cc/paper/5423-generative-adversarial-nets.pdf.
[17] Kaggle: microsoft malware classification challenge (big 2015), 2015, [online] Available: https://www.kaggle.com/c/malware-classification.
[18] H. S. Anderson, A. Kharkar, B. Filar, D. Evans and P. Roth, "Learning to evade static pe machine learning malware models via reinforcement learning", arXiv preprint arXiv:1801.08917, Jan. 2018.
[19] Advanced malware detection - signatures vs. behavior analysis, 2017, [online] Available: https://www.infosecurity-magazine.com/opinions/malware-detectionsignatures/.
[20] A. Souri and R. Hosseini, "A state-of-the-art survey of malware detection approaches using data mining techniques", Human-centric Computing and Information Sciences, vol. 8, no. 1, Dec 2018.
[21] I. Santos, F. Brezo, J. Nieves, Y. K. Penya, B. Sanz, C. Laorden, et al., Idea: Opcode-sequence-based malware detection, Feb 2010, [online] Available: https://link.springer.com/chapter/10.1007/978-3-642-11747-33.
[22] M. D. Preda, M. Christodorescu, S. Jha and S. Debray, "A semantics-based approach to malware detection", ACM SIGPLAN Notices, vol. 42, no. 1, pp. 377, 2007.
[23] J. B. Fraley and M. Figueroa, "Polymorphic malware detection using topological feature extraction with data mining", SoutheastCon 2016, 2016.
[24] Z.-U. Rehman, S. N. Khan, K. Muhammad, J. W. Lee, Z. Lv, S. W. Baik, et al., "Machine learning-assisted signature and heuristic-based detection of malwares in android devices", Computers and Electrical Engineering, vol. 69, pp. 828-841, 2018.
[25] Z. Yuan, Y. Lu and Y. Xue, "Droiddetector: android malware characterization and detection using deep learning", Tsinghua Science and Technology, vol. 21, no. 1, pp. 114-123, 2016.
[26] A. Singh, A. Handa, N. Kumar and S. K. Shukla, "Malware classification using image representation", CSCML, 2019.
[27] E. Raff, J. Barker, J. Sylvester, R. Brandon, B. Catanzaro and C. Nicholas, Malware detection by eating a whole exe, 2017.
[28] A. Nguyen, J. Yosinski and J. Clune, Deep neural networks are easily fooled: High confidence predictions for unrecognizable images, 2014.
[29] I. J. Goodfellow, J. Pouget-Abadie, M. Mirza, B. Xu, D. Warde-Farley, S. Ozair, et al., Generative adversarial networks, 2014.
[30] T. Salimans, J. Ho, X. Chen, S. Sidor and I. Sutskever, Evolution strategies as a scalable alternative to reinforcement learning, 2017.
