Article

Practical Evasion of a Learning-Based Classifier: A Case Study

Authors:

Nedim Šrndic,

Pavel LaskovAuthors Info & Claims

SP '14: Proceedings of the 2014 IEEE Symposium on Security and Privacy

Pages 197 - 211

https://doi.org/10.1109/SP.2014.20

Published: 18 May 2014 Publication History

Abstract

Learning-based classifiers are increasingly used for detection of various forms of malicious data. However, if they are deployed online, an attacker may attempt to evade them by manipulating the data. Examples of such attacks have been previously studied under the assumption that an attacker has full knowledge about the deployed classifier. In practice, such assumptions rarely hold, especially for systems deployed online. A significant amount of information about a deployed classifier system can be obtained from various sources. In this paper, we experimentally investigate the effectiveness of classifier evasion using a real, deployed system, PDFrate, as a test case. We develop a taxonomy for practical evasion strategies and adapt known evasion algorithms to implement specific scenarios in our taxonomy. Our experimental results reveal a substantial drop of PDFrate's classification scores and detection accuracy after it is exposed even to simple attacks. We further study potential defense mechanisms against classifier evasion. Our experiments reveal that the original technique proposed for PDFrate is only effective if the executed attack exactly matches the anticipated one. In the discussion of the findings of our study, we analyze some potential techniques for increasing robustness of learning-based systems against adversarial manipulation of data.

Cited By

View all

Mimura MKurashina K(2025)Practical evasion attack against neural network-based macro-malware detection methodCluster Computing10.1007/s10586-024-04825-528:2Online publication date: 1-Apr-2025
https://dl.acm.org/doi/10.1007/s10586-024-04825-5
Liu RMatuszek CNicholas C(2024)An Efficient PDF Malware Detection Method Using Highly Compact FeaturesProceedings of the ACM Symposium on Document Engineering 202410.1145/3685650.3685668(1-4)Online publication date: 20-Aug-2024
https://dl.acm.org/doi/10.1145/3685650.3685668
Saqib MMahdavifar SFung BCharland P(2024)A Comprehensive Analysis of Explainable AI for Malware HuntingACM Computing Surveys10.1145/367737456:12(1-40)Online publication date: 11-Jul-2024
https://dl.acm.org/doi/10.1145/3677374
Show More Cited By

Practical Evasion of a Learning-Based Classifier: A Case Study
1. Computing methodologies
  1. Machine learning
    1. Learning paradigms
      1. Supervised learning

Recommendations

Analysis of evasion techniques in web-based malware
A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web
ROOTS: Proceedings of the 1st Reversing and Offensive-oriented Trends Symposium

Automated dynamic malware analysis systems are important in combating the proliferation of modern malware. Unfortunately, malware can often easily detect and evade these systems. Competition between malware authors and analysis system developers has ...
Web Bot Detection Evasion Using Deep Reinforcement Learning
ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

Web bots are vital for the web as they can be used to automate several actions, some of which would have otherwise been impossible or very time consuming. These actions can be benign, such as website testing and web indexing, or malicious, such as ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SP '14: Proceedings of the 2014 IEEE Symposium on Security and Privacy

May 2014

694 pages

ISBN:9781479946860

Publisher

IEEE Computer Society

United States

Publication History

Published: 18 May 2014

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

56
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Mimura MKurashina K(2025)Practical evasion attack against neural network-based macro-malware detection methodCluster Computing10.1007/s10586-024-04825-528:2Online publication date: 1-Apr-2025
https://dl.acm.org/doi/10.1007/s10586-024-04825-5
Liu RMatuszek CNicholas C(2024)An Efficient PDF Malware Detection Method Using Highly Compact FeaturesProceedings of the ACM Symposium on Document Engineering 202410.1145/3685650.3685668(1-4)Online publication date: 20-Aug-2024
https://dl.acm.org/doi/10.1145/3685650.3685668
Saqib MMahdavifar SFung BCharland P(2024)A Comprehensive Analysis of Explainable AI for Malware HuntingACM Computing Surveys10.1145/367737456:12(1-40)Online publication date: 11-Jul-2024
https://dl.acm.org/doi/10.1145/3677374
Concone FGaglio SGiammanco ARe GMorana M(2024)AdverSPAM: Adversarial SPam Account Manipulation in Online Social NetworksACM Transactions on Privacy and Security10.1145/364356327:2(1-31)Online publication date: 26-Jan-2024
https://dl.acm.org/doi/10.1145/3643563
Tian JQiu KGao DWang ZKuang XZhao GCalandrino JTroncoso C(2023)Sparsity brings vulnerabilitiesProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620388(2689-2706)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620388
Stivala GAbdelnabi SMengascini AGraziano MFritz MPellegrino G(2023)From Attachments to SEO: Click Here to Learn More about Clickbait PDFs!Proceedings of the 39th Annual Computer Security Applications Conference10.1145/3627106.3627172(14-28)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1145/3627106.3627172
Yin HLou BReiher P(2023)A Method for Summarizing and Classifying Evasive MalwareProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3607199.3607207(455-470)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3607199.3607207
Mao ZFang ZLi MFan Y(2022)EvadeRLSecurity and Communication Networks10.1155/2022/72188002022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/7218800
Jero SBurow NWard BSkowyra RKhazan RShrobe HOkhravi H(2022)TAG: Tagged Architecture GuideACM Computing Surveys10.1145/353370455:6(1-34)Online publication date: 7-Dec-2022
https://dl.acm.org/doi/10.1145/3533704
Tay KChua SChua MBalachandran VJoshi AFernandez MVerma R(2022)Towards Robust Detection of PDF-based MalwareProceedings of the Twelfth ACM Conference on Data and Application Security and Privacy10.1145/3508398.3519365(370-372)Online publication date: 14-Apr-2022
https://dl.acm.org/doi/10.1145/3508398.3519365
Show More Cited By

Abstract

Cited By

Recommendations

Analysis of evasion techniques in web-based malware

A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web

Web Bot Detection Evasion Using Deep Reinforcement Learning

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations