MPass: Bypassing Learning-based Static Malware Detectors

被引：0

作者：

Wang, Jialai ^{[1
]}

Qu, Wenjie ^{[2
]}

Rong, Yi ^{[1
]}

Qiu, Han ^{[1
]}

Li, Qi ^{[1
]}

Li, Zongpeng ^{[1
,3
]}

Zhang, Chao ^{[1
,4
]}

机构：

[1] Tsinghua Univ, Beijing, Peoples R China

[2] Huazhong Univ Sci & Technol, Wuhan, Peoples R China

[3] Quan Cheng Lab, Beijing, Peoples R China

[4] Zhongguancun Lab, Beijing, Peoples R China

来源：

2023 60TH ACM/IEEE DESIGN AUTOMATION CONFERENCE, DAC | 2023年

基金：

中国国家自然科学基金;

关键词：

D O I：

10.1109/DAC56929.2023.10247858

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Machine learning (ML) based static malware detectors are widely deployed, but vulnerable to adversarial attacks. Unlike images or texts, tiny modifications to malware samples would significantly compromise their functionality. Consequently, existing attacks against images or texts will be significantly restricted when being deployed on malware detectors. In this work, we propose a hard-label black-box attack MPass against ML-based detectors. MPass employs a problemspace explainability method to locate critical positions of malware, applies adversarial modifications to such positions, and utilizes a runtime recovery technique to preserve the functionality. Experiments show MPass outperforms existing solutions and bypasses both state-of-the-art offline models and commercial ML-based antivirus products.

引用

页数：6

共 50 条

[1] On the Deterioration of Learning-Based Malware Detectors for Android
Fu, Xiaoqin
Cai, Haipeng
2019 IEEE/ACM 41ST INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: COMPANION PROCEEDINGS (ICSE-COMPANION 2019), 2019, : 272 - 273
[2] Certified Robustness of Static Deep Learning-based Malware Detectors against Patch and Append Attacks
Gibert, Daniel
Zizzo, Giulio
Le, Quan
PROCEEDINGS OF THE 16TH ACM WORKSHOP ON ARTIFICIAL INTELLIGENCE AND SECURITY, AISEC 2023, 2023, : 173 - 184
[3] A Learning-based Static Malware Detection System with Integrated Feature
Chen, Zhiguo
Zhang, Xiaorui
Kim, Sungryul
INTELLIGENT AUTOMATION AND SOFT COMPUTING, 2021, 27 (03): : 891 - 908
[4] Slowing Down the Aging of Learning-Based Malware Detectors With API Knowledge
Zhang, Xiaohan
Zhang, Mi
Zhang, Yuan
Zhong, Ming
Zhang, Xin
Cao, Yinzhi
Yang, Min
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2023, 20 (02) : 902 - 916
[5] Beyond the Hype: An Evaluation of Commercially Available Machine Learning-based Malware Detectors
Bridges, Robert A.
Oesch, Sean
Iannacone, Michael D.
Huffer, Kelly M. T.
Jewell, Brian
Nichols, Jeff A.
Weber, Brian
Verma, Miki E.
Scofield, Daniel
Miles, Craig
Plummer, Thomas
Daniell, Mark
Tall, Anne M.
Beaver, Justin M.
Smith, Jared M.
DIGITAL THREATS: RESEARCH AND PRACTICE, 2023, 4 (02):
[6] Evading Deep Learning-Based Malware Detectors via Obfuscation: A Deep Reinforcement Learning Approach
Etter, Brian
Hu, James Lee
Ebrahimi, Mohammadreza
Li, Weifeng
Li, Xin
Chen, Hsinchun
2023 23RD IEEE INTERNATIONAL CONFERENCE ON DATA MINING WORKSHOPS, ICDMW 2023, 2023, : 1313 - 1321
[7] Combining Static and Dynamic Analysis to Improve Machine Learning-based Malware Classification
Chanajitt, Rajchada
Pfahringer, Bernhard
Gomes, Heitor Murilo
2021 IEEE 8TH INTERNATIONAL CONFERENCE ON DATA SCIENCE AND ADVANCED ANALYTICS (DSAA), 2021,
[8] Malware-Detection Model Using Learning-Based Discovery of Static Features
Hsiao, Shou-Ching
Kao, Da-Yu
Tso, Raylin
2018 IEEE CONFERENCE ON APPLICATION, INFORMATION AND NETWORK SECURITY (AINS 2018), 2018, : 54 - 59
[9] On the effectiveness of adversarial samples against ensemble learning-based windows PE malware detectors
To, Trong-Nghia
Kim, Danh Le
Hien, Do Thi Thu
Khoa, Nghi Hoang
Hoang, Hien Do
Duy, Phan The
Pham, Van-Hau
INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2025, 24 (01)
[10] Adversarial Robustness of Deep Learning-Based Malware Detectors via (De)Randomized Smoothing
Gibert, Daniel
Zizzo, Giulio
Le, Quan
Planes, Jordi
IEEE ACCESS, 2024, 12 : 61152 - 61162

← 1 2 3 4 5 →