MPass: Bypassing Learning-based Static Malware Detectors

Cited by: 0
Authors
Wang, Jialai [1]
Qu, Wenjie [2]
Rong, Yi [1]
Qiu, Han [1]
Li, Qi [1]
Li, Zongpeng [1,3]
Zhang, Chao [1,4]
Affiliations
[1] Tsinghua Univ, Beijing, Peoples R China
[2] Huazhong Univ Sci & Technol, Wuhan, Peoples R China
[3] Quan Cheng Lab, Beijing, Peoples R China
[4] Zhongguancun Lab, Beijing, Peoples R China
Funding
National Natural Science Foundation of China
Keywords
DOI
10.1109/DAC56929.2023.10247858
Chinese Library Classification number
TP18 [Artificial intelligence theory]
Discipline classification codes
081104; 0812; 0835; 1405
Abstract
Machine learning (ML) based static malware detectors are widely deployed, but vulnerable to adversarial attacks. Unlike images or texts, tiny modifications to malware samples would significantly compromise their functionality. Consequently, existing attacks against images or texts will be significantly restricted when being deployed on malware detectors. In this work, we propose a hard-label black-box attack MPass against ML-based detectors. MPass employs a problem-space explainability method to locate critical positions of malware, applies adversarial modifications to such positions, and utilizes a runtime recovery technique to preserve the functionality. Experiments show MPass outperforms existing solutions and bypasses both state-of-the-art offline models and commercial ML-based antivirus products.
Pages: 6
Related papers
50 in total
  • [31] A Novel and Efficient Sequential Learning-Based Malware Classification Model
    Abidine Bensalem, Zine El
    Benkhaddra, Ilyas
    Setitra, Mohamed Ali
    Fan, Mingyu
    2022 19th International Computer Conference on Wavelet Active Media Technology and Information Processing, ICCWAMTIP 2022, 2022,
  • [32] An Adversarial Reinforcement Learning Framework for Robust Machine Learning-based Malware Detection
    Ebrahimi, Mohammadreza
    Li, Weifeng
    Chai, Yidong
    Pacheco, Jason
    Chen, Hsinchun
    2022 IEEE INTERNATIONAL CONFERENCE ON DATA MINING WORKSHOPS, ICDMW, 2022, : 567 - 576
  • [33] A Learning-Based Approach to Static Program Slicing
    Yadavally, Aashish
    Li, Yi
    Wang, Shaohua
    Nguyen, Tien N.
    PROCEEDINGS OF THE ACM ON PROGRAMMING LANGUAGES-PACMPL, 2024, 8 (OOPSLA):
  • [34] Empirical assessment of machine learning-based malware detectors for Android: Measuring the gap between in-the-lab and in-the-wild validation scenarios
    Kevin Allix
    Tegawendé F. Bissyandé
    Quentin Jérome
    Jacques Klein
    Radu State
    Yves Le Traon
    Empirical Software Engineering, 2016, 21 : 183 - 211
  • [35] Investigating the Generalizability of Deep Learning-based Clone Detectors
    Choi, Eunjong
    Fuke, Norihiro
    Fujiwara, Yuji
    Yoshida, Norihiro
    Inoue, Katsuro
    2023 IEEE/ACM 31ST INTERNATIONAL CONFERENCE ON PROGRAM COMPREHENSION, ICPC, 2023, : 181 - 185
  • [36] FDD: a deep learning-based steel defect detectors
    Akhyar, Fityanul
    Liu, Ying
    Hsu, Chao-Yung
    Shih, Timothy K.
    Lin, Chih-Yang
    INTERNATIONAL JOURNAL OF ADVANCED MANUFACTURING TECHNOLOGY, 2023, 126 (3-4): : 1093 - 1107
  • [37] Meizodon: Security Benchmarking Framework for Static Android Malware Detectors
    Rodriguez, Sebastiaan Alvarez
    van der Kouwe, Erik
    THIRD CENTRAL EUROPEAN CYBERSECURITY CONFERENCE (CECC 2019), 2019,
  • [38] Utilizing obfuscation information in deep learning-based Android malware detection
    Wu, Junji
    Kanai, Atsushi
    2021 IEEE 45TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE (COMPSAC 2021), 2021, : 1321 - 1326
  • [39] FAM: Featuring Android Malware for Deep Learning-Based Familial Analysis
    Ban, Younghoon
    Lee, Sunjun
    Song, Dokyung
    Cho, Haehyun
    Yi, Jeong Hyun
    IEEE ACCESS, 2022, 10 : 20008 - 20018
  • [40] StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware
    Chen, Sen
    Xue, Minhui
    Tang, Zhushou
    Xu, Lihua
    Zhu, Haojin
    ASIA CCS'16: PROCEEDINGS OF THE 11TH ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2016, : 377 - 388