Against All Odds: Winning the Defense Challenge in an Evasion Competition with Diversification

by   Erwin Quiring, et al.

Machine learning-based systems for malware detection operate in a hostile environment. Consequently, adversaries will also target the learning system and use evasion attacks to bypass the detection of malware. In this paper, we outline our learning-based system PEberus that got the first place in the defender challenge of the Microsoft Evasion Competition, resisting a variety of attacks from independent attackers. Our system combines multiple, diverse defenses: we address the semantic gap, use various classification models, and apply a stateful defense. This competition gives us the unique opportunity to examine evasion attacks under a realistic scenario. It also highlights that existing machine learning methods can be hardened against attacks by thoroughly analyzing the attack surface and implementing concepts from adversarial learning. Our defense can serve as an additional baseline in the future to strengthen the research on secure learning.


page 1

page 2

page 3

page 4


Effectiveness of Moving Target Defenses for Adversarial Attacks in ML-based Malware Detection

Several moving target defenses (MTDs) to counter adversarial ML attacks ...

Design of secure and robust cognitive system for malware detection

Machine learning based malware detection techniques rely on grayscale im...

Attack and Defense of Dynamic Analysis-Based, Adversarial Neural Malware Classification Models

Recently researchers have proposed using deep learning-based systems for...

amsqr at MLSEC-2021: Thwarting Adversarial Malware Evasion with a Defense-in-Depth

This paper describes the author's participation in the 3rd edition of th...

Adversarial Learning in Statistical Classification: A Comprehensive Review of Defenses Against Attacks

With the wide deployment of machine learning (ML) based systems for a va...

Backdooring Explainable Machine Learning

Explainable machine learning holds great potential for analyzing and und...

From Shortcuts to Triggers: Backdoor Defense with Denoised PoE

Language models are often at risk of diverse backdoor attacks, especiall...

Code Repositories


Defense from the 2020 Microsoft Evasion Competition

view repo

Please sign up or login with your details

Forgot password? Click here to reset