[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3494110.3528244acmconferencesArticle/Chapter ViewAbstractPublication Pagesasia-ccsConference Proceedingsconference-collections
short-paper

Position Paper: On Advancing Adversarial Malware Generation Using Dynamic Features

Published: 30 May 2022 Publication History

Abstract

Along the evolution of malware detection systems, adversaries develop sophisticated evasion techniques that render malicious samples undetectable. Especially for ML-based detection systems, an effective approach is to craft adversarial malware to evade detection. In this position paper, we conduct a critical review of existing adversarial attacks against malware detection, and conclude that current research focuses mainly on evasion techniques against static analysis; generating adversarial Windows samples to evade dynamic analysis remains largely unexplored. In the context of black-box attack scenarios, we investigate an adversary's potential to carry out practical transformations in order to influence behavioral features observed by ML systems and security products. Moreover, we investigate the range of dynamic behavior transformations and identify critical properties and associated challenges that relate to feasibility, automation, technical costs and detection risks. Through this discussion, we propose solutions to important challenges and present promising paths for future research on evasive malware under dynamic analysis.

References

[1]
Amir Afianian, Salman Niksefat, Babak Sadeghiyan, and David Baptiste. 2019. Malware dynamic analysis evasion techniques: A survey. ACM Computing Surveys (CSUR) 52, 6 (2019), 1--28.
[2]
Anil Altinay, Joseph Nash, Taddeus Kroes, Prabhu Rajasekaran, Dixin Zhou, Adrian Dabrowski, et al. 2020. BinRec: dynamic binary lifting and recompilation. In Proceedings of the Fifteenth European Conference on Computer Systems. 1--16.
[3]
Battista Biggio and Fabio Roli. 2018. Wild patterns: Ten years after the rise of adversarial machine learning. Pattern Recognition 84 (2018), 317--331.
[4]
Fabio De Gaspari, Dorjan Hitaj, et al. 2020. The naked sun: Malicious cooperation between benign-looking processes. In International Conference on Applied Cryptography and Network Security. Springer, 254--274.
[5]
Luca Demetrio, Battista Biggio, Giovanni Lagorio, Fabio Roli, and Alessandro Armando. 2021. Functionality-preserving black-box optimization of adversarial windows malware. IEEE Transactions on Information Forensics and Security 16 (2021), 3469--3478.
[6]
Luca Demetrio, Scott E Coull, Battista Biggio, Giovanni Lagorio, Alessandro Armando, and Fabio Roli. 2021. Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection. ACM Transactions on Privacy and Security (TOPS) 24, 4 (2021), 1--31.
[7]
Daniele Cono D'Elia, Lorenzo Invidia, and Leonardo Querzoni. 2021. Rope: Covert multi-process malware execution with return-oriented programming. In European Symposium on Research in Computer Security. Springer, 197--217.
[8]
Fenil Fadadu, Anand Handa, Nitesh Kumar, and Sandeep Kumar Shukla. 2019. Evading API call sequence based malware classifiers. In International Conference on Information and Communications Security. Springer, 18--33.
[9]
Anand Handa, Nitesh Kumar, Sandeep Kumar Shukla, et al. 2021. Adversaries Strike Hard: Adversarial Attacks Against Malware Classifiers Using Dynamic API Calls as Features. In International Symposium on Cyber Security Cryptography and Machine Learning. Springer, 20--37.
[10]
Weiwei Hu and Ying Tan. 2018. Black-box attacks against RNN based malware detection algorithms. In Workshops at the Thirty-Second AAAI Conference on Artificial Intelligence.
[11]
Kyriakos K. Ispoglou and Mathias Payer. 2016. malWASH: Washing Malware to Evade Dynamic Analysis. In 10th USENIX Workshop on Offensive Technologies (WOOT 16). USENIX Association, Austin, TX.
[12]
Christopher Kruegel, Engin Kirda, Darren Mutz, William Robertson, and Giovanni Vigna. 2005. Automating mimicry attacks using static binary analysis. In USENIX Security Symposium, Vol. 14. 11--11.
[13]
Yunus Kucuk and Guanhua Yan. 2020. Deceiving portable executable malware classifiers into targeted misclassification with practical adversarial examples. In Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy. 341--352.
[14]
Raphael Labaca-Castro, Luis Muñoz-González, Feargus Pendlebury, Gabi Dreo Rodosek, Fabio Pierazzi, and Lorenzo Cavallaro. 2021. Universal Adversarial Perturbations for Malware. arXiv preprint arXiv:2102.06747 (2021).
[15]
llvm-admin team. 2021. The LLVM Compiler Infrastructure. Retrieved December 30, 2021 from https://llvm.org
[16]
Weiqin Ma, Pu Duan, Sanmin Liu, Guofei Gu, and Jyh-Charn Liu. 2012. Shadow attacks: automatically evading system-call-behavior based malware detection. Journal in Computer Virology 8, 1 (2012), 1--13.
[17]
Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao. 2017. Impeding behavior-based malware analysis via replacement attacks to malware specifications. Journal of Computer Virology and Hacking Techniques 13, 3 (2017), 193--207.
[18]
Jithin Pavithran, Milan Patnaik, and Chester Rebeiro. 2019. D-time: Distributed threadless independent malware execution for runtime obfuscation. In 13th USENIX Workshop on Offensive Technologies (WOOT 19).
[19]
Xiaowei Peng, Hequn Xian, Qian Lu, and Xiuqing Lu. 2021. Semantics aware adversarial malware examples generation for black-box attacks. Applied Soft Computing (2021), 107506.
[20]
Fabio Pierazzi, Feargus Pendlebury, Jacopo Cortellazzi, and Lorenzo Cavallaro. 2020. Intriguing properties of adversarial ML attacks in the problem space. In 2020 IEEE Symposium on Security and Privacy (SP). IEEE, 1332--1349.
[21]
Nikolaos Pitropakis, Emmanouil Panaousis, Thanassis Giannetsos, Eleftherios Anastasiadis, and George Loukas. 2019. A taxonomy and survey of attacks against machine learning. Computer Science Review 34 (2019), 100199.
[22]
Ishai Rosenberg, Asaf Shabtai, Yuval Elovici, and Lior Rokach. 2020. Queryefficient black-box attack against sequence-based malware classifiers. In Annual Computer Security Applications Conference. 611--626.
[23]
Ishai Rosenberg, Asaf Shabtai, Lior Rokach, and Yuval Elovici. 2018. Generic black-box end-to-end attack against state of the art API call based malware classifiers. In International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, 490--510.
[24]
Koosha Sadeghi, Ayan Banerjee, and Sandeep KS Gupta. 2020. A system-driven taxonomy of attacks and defenses in adversarial machine learning. IEEE Transactions on Emerging Topics in Computational Intelligence 4, 4 (2020), 450--467.
[25]
Wei Song, Xuezixiang Li, Deepali Garg Sadia Afroz, Dimitry Kuznetsov, and Heng Yin. 2020. Automatic generation of adversarial examples for interpreting malware classifiers. arXiv preprint arXiv:2003.03100 (2020).
[26]
Jack W Stokes, De Wang, Mady Marinescu, Marc Marino, and Brian Bussone. 2018. Attack and defense of dynamic analysis-based, adversarial neural malware detection models. In MILCOM 2018--2018 IEEE Military Communications Conference (MILCOM). IEEE, 1--8.
[27]
Yun-Da Tsai, ChengKuan Chen, and Shou-De Lin. 2021. Toward an Effective BlackBox Adversarial Attack on Functional JavaScript Malware against Commercial Anti-Virus. In Proceedings of the 30th ACM International Conference on Information & Knowledge Management. 4165--4172.
[28]
Matthias Wenzl, Georg Merzdovnik, Johanna Ullrich, and Edgar Weippl. 2019. From hack to elaborate technique-a survey on binary rewriting. ACM Computing Surveys (CSUR) 52, 3 (2019), 1--37

Cited By

View all
  • (2024)A Comprehensive Analysis of Explainable AI for Malware HuntingACM Computing Surveys10.1145/367737456:12(1-40)Online publication date: 11-Jul-2024
  • (2024)Assessing Static and Dynamic Features for Packing DetectionThe Combined Power of Research, Education, and Dissemination10.1007/978-3-031-73887-6_12(146-166)Online publication date: 23-Oct-2024
  • (2023)MalAder: Decision-Based Black-Box Attack Against API Sequence Based Malware Detectors2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58367.2023.00027(165-178)Online publication date: Jun-2023

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences
WoRMA '22: Proceedings of the 1st Workshop on Robust Malware Analysis
May 2022
37 pages
ISBN:9781450391795
DOI:10.1145/3494110
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 May 2022

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. adversarial attack
  2. dynamic analysis
  3. evasion
  4. malware detection

Qualifiers

  • Short-paper

Conference

ASIA CCS '22
Sponsor:

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)59
  • Downloads (Last 6 weeks)5
Reflects downloads up to 19 Dec 2024

Other Metrics

Citations

Cited By

View all
  • (2024)A Comprehensive Analysis of Explainable AI for Malware HuntingACM Computing Surveys10.1145/367737456:12(1-40)Online publication date: 11-Jul-2024
  • (2024)Assessing Static and Dynamic Features for Packing DetectionThe Combined Power of Research, Education, and Dissemination10.1007/978-3-031-73887-6_12(146-166)Online publication date: 23-Oct-2024
  • (2023)MalAder: Decision-Based Black-Box Attack Against API Sequence Based Malware Detectors2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58367.2023.00027(165-178)Online publication date: Jun-2023

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media