Abstract
Deep learning algorithms have been widely used for security applications, including malware detection and classification. Recent results have shown that those algorithms are vulnerable to adversarial examples, whereby a small perturbation in the input sample may result in misclassification. In this paper, we systematically tackle the problem of adversarial examples detection in the control flow graph (CFG) based classifiers for malware detection using Soteria. Unique to Soteria, we use both density-based and level-based labels for CFG labeling to yield a consistent representation, a random walk-based traversal approach for feature extraction, and n-gram based module for feature representation. End-to-end, Soteria’s representation ensures a simple yet powerful randomization property of the used classification features, making it difficult even for a powerful adversary to launch a successful attack. Soteria also employs a deep learning approach, consisting of an auto-encoder for detecting adversarial examples, and a CNN architecture for detecting and classifying malware samples. We evaluate the performance of Soteria, using a large dataset consisting of 16,814 IoT samples, and demonstrate its superiority in comparison with state-of-the-art approaches. In particular, Soteria yields an accuracy rate of 97.79% for detecting AEs, and 99.91% overall accuracy for classification malware families.
Original language | English |
---|---|
Title of host publication | Proceedings - 2020 IEEE 40th International Conference on Distributed Computing Systems, ICDCS 2020 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 888-898 |
Number of pages | 11 |
ISBN (Electronic) | 9781728170022 |
DOIs | |
State | Published - Nov 2020 |
Event | 40th IEEE International Conference on Distributed Computing Systems, ICDCS 2020 - Singapore, Singapore Duration: 29 Nov 2020 → 1 Dec 2020 |
Publication series
Name | Proceedings - International Conference on Distributed Computing Systems |
---|---|
Volume | 2020-November |
Conference
Conference | 40th IEEE International Conference on Distributed Computing Systems, ICDCS 2020 |
---|---|
Country/Territory | Singapore |
City | Singapore |
Period | 29/11/20 → 1/12/20 |
Bibliographical note
Publisher Copyright:© 2020 IEEE.
Keywords
- Adversarial Machine Learning
- Deep Learning
- Internet of Things
- Malware Detection