DL-FHMC: Deep Learning-based Fine-grained Hierarchical Learning Approach for Robust Malware Classification

Ahmed Abusnaina, Mohammed Abuhamad, Hisham Alasmary, Afsah Anwar, Rhongho Jang, Saeed Salem, Daehun Nyang, David Mohaisen

Research output: Contribution to journalArticlepeer-review

1 Scopus citations

Abstract

Given the limited scalability of dynamic analysis, static analysis, such as the use of Control Flow Graph (CFG)-based features, is widely used by machine learning algorithms for malware analysis and detection. However, recent studies have shown these approaches are susceptible to adversarial attacks by adding codes to the binaries with an intention to fool detection systems. This study proposes a malware detection system robust to adversarial attacks. We examine the performance of the state-of-the-art methods against adversarial IoT software crafted using the graph embedding and augmentation techniques; namely, we study the robustness of such methods against two black-box adversarial methods, GEA and SGEA, to generate Adversarial Examples (AEs) with reduced overhead, and keeping their practicality intact. Our comprehensive experimentation with GEA-based AEs show the relation between misclassification and the graph size of the injected sample. Upon optimization and with small perturbation, by use of SGEA, all IoT malware samples are misclassified as benign. This highlights the vulnerability of current detection systems under adversarial settings. With the landscape of possible adversarial attacks, we then propose DL-FHMC, a fine-grained hierarchical learning approach for malware detection and classification, that is robust to AEs with a capability to detect 88.52% of the malicious AEs.

Original languageEnglish
JournalIEEE Transactions on Dependable and Secure Computing
DOIs
StateAccepted/In press - 2021

Keywords

  • Adversarial Attacks
  • Adversarial Machine Learning
  • Deep Learning
  • Deep learning
  • Internet of Things
  • Internet of Things
  • Machine learning
  • Machine learning algorithms
  • Malware
  • Malware Detection
  • Robustness
  • Static analysis

Fingerprint

Dive into the research topics of 'DL-FHMC: Deep Learning-based Fine-grained Hierarchical Learning Approach for Robust Malware Classification'. Together they form a unique fingerprint.

Cite this