TY - GEN
T1 - Systemically Evaluating the Robustness of ML-based IoT Malware Detectors
AU - Abusnaina, Ahmed
AU - Anwar, Afsah
AU - Alshamrani, Sultan
AU - Alabduljabbar, Abdulrahman
AU - Jang, Rhongho
AU - Nyang, Daehun
AU - Mohaisen, David
N1 - Funding Information:
IV. CONCLUSION Despite advancesin AI-backed system defenses, the systems have been shown to be vulnerable. With this work, we systematically evaluated the state of a range of malware detectors, proposed by the research community and industry-standard. Our effort unveils the status-quo of the existing detectors, and brings forward various insights to consider when proposing detection systems, particularly, the ML model robustness. Acknowledgement. This work was supported in part by NRF under grant 2016K1A1A2912757 and a CyberFlorida Collaborative Seed Award.
Publisher Copyright:
© 2021 IEEE.
PY - 2021/6
Y1 - 2021/6
N2 - The rapid growth of the Internet of Things (IoT) devices is paralleled by them being on the front-line of malicious attacks caused by malicious software. Machine learning (ML) algorithms, alongside the traditional signature-based methods, are typically used to detect malicious activities and behaviors. However, they are susceptible to malware evolution and sophistication, making them limited to the patterns that they have been trained upon. In this work, we systematically examine the state-of-The-Art malware detection approaches using various representations, under a range of adversarial settings. Our preliminary analyses highlight the instability of the learning algorithms in learning patterns that distinguish the benign from the malicious. Our mutations with functionality-preserving operations, e.g., software stripping and binary padding, significantly deteriorate the accuracy of malware detectors.
AB - The rapid growth of the Internet of Things (IoT) devices is paralleled by them being on the front-line of malicious attacks caused by malicious software. Machine learning (ML) algorithms, alongside the traditional signature-based methods, are typically used to detect malicious activities and behaviors. However, they are susceptible to malware evolution and sophistication, making them limited to the patterns that they have been trained upon. In this work, we systematically examine the state-of-The-Art malware detection approaches using various representations, under a range of adversarial settings. Our preliminary analyses highlight the instability of the learning algorithms in learning patterns that distinguish the benign from the malicious. Our mutations with functionality-preserving operations, e.g., software stripping and binary padding, significantly deteriorate the accuracy of malware detectors.
KW - Adversarial Machine Learning
KW - Internet of Things
KW - Malware Detection
UR - http://www.scopus.com/inward/record.url?scp=85115637718&partnerID=8YFLogxK
U2 - 10.1109/DSN-S52858.2021.00012
DO - 10.1109/DSN-S52858.2021.00012
M3 - Conference contribution
AN - SCOPUS:85115637718
T3 - Proceedings - 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume, DSN-S 2021
SP - 3
EP - 4
BT - Proceedings - 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume, DSN-S 2021
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 21 June 2021 through 24 June 2021
ER -