Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability

09/21/2021
by   Hadjer Benkraouda, et al.
0

With the rapid development of machine learning for image classification, researchers have found new applications of visualization techniques in malware detection. By converting binary code into images, researchers have shown satisfactory results in applying machine learning to extract features that are difficult to discover manually. Such visualization-based malware detection methods can capture malware patterns from many different malware families and improve malware detection speed. On the other hand, recent research has also shown adversarial attacks against such visualization-based malware detection. Attackers can generate adversarial examples by perturbing the malware binary in non-reachable regions, such as padding at the end of the binary. Alternatively, attackers can perturb the malware image embedding and then verify the executability of the malware post-transformation. One major limitation of the first attack scenario is that a simple pre-processing step can remove the perturbations before classification. For the second attack scenario, it is hard to maintain the original malware's executability and functionality. In this work, we provide literature review on existing malware visualization techniques and attacks against them. We summarize the limitation of the previous work, and design a new adversarial example attack against visualization-based malware detection that can evade pre-processing filtering and maintain the original malware functionality. We test our attack on a public malware dataset and achieve a 98

READ FULL TEXT
research
09/20/2019

COPYCAT: Practical Adversarial Attacks on Visualization-Based Malware Detection

Despite many attempts, the state-of-the-art of adversarial machine learn...
research
08/05/2018

Adversarial Examples: Attacks on Machine Learning-based Malware Visualization Detection Methods

As the threat of malicious software (malware) becomes urgently serious, ...
research
11/04/2022

MalGrid: Visualization Of Binary Features In Large Malware Corpora

The number of malware is constantly on the rise. Though most new malware...
research
08/03/2022

Design of secure and robust cognitive system for malware detection

Machine learning based malware detection techniques rely on grayscale im...
research
05/04/2023

Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection

WebAssembly (Wasm) is a low-level binary format for web applications, wh...
research
09/21/2018

Adversarial Binaries for Authorship Identification

Binary code authorship identification determines authors of a binary pro...
research
02/13/2018

Adversarial Examples on Discrete Sequences for Beating Whole-Binary Malware Detection

In recent years, deep learning has shown performance breakthroughs in ma...

Please sign up or login with your details

Forgot password? Click here to reset