Abstract
The state of the art in adversarial machine learning on malware detection systems generally yields unexecutable samples. In this work, we make the case for understanding the robustness of visualization-based malware detection systems against adversarial examples (AEs) that not only are able to fool models, but also maintain the executability of the original input. To motivate our vision, we first investigate the application of existing off-the-shelf adversarial attack approaches on malware detection systems, through which we found that those approaches do not necessarily maintain the functionality of the original inputs. Then, we discuss an approach for achieving a high misclassification rate and maintaining the executability and functionality of the original input. We use visualization-based malware detection as an example to highlight the gap between blue-sky research that focuses on aspects of the learning process, and call for more practical techniques that respect the semantics of the underlying applications.
Original language | English |
---|---|
Title of host publication | Proceedings - 2020 2nd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2020 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 118-127 |
Number of pages | 10 |
ISBN (Electronic) | 9781728185439 |
State | Published - Oct 2020 |
Event | 2nd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2020 - Virtual, Atlanta, United States Duration: 1 Dec 2020 → 3 Dec 2020 |
Publication series
Name | Proceedings - 2020 2nd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2020 |
---|
Conference
Conference | 2nd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2020 |
---|---|
Country/Territory | United States |
City | Virtual, Atlanta |
Period | 1/12/20 → 3/12/20 |
Bibliographical note
Publisher Copyright: © 2020 IEEE.
Keywords
- Adversarial Examples
- Deep Learning
- Malware Detection
- Visualization