簡易檢索 / 詳目顯示

回結果列表
研究生: 楊季昕
Chi-Hsin Yang
論文名稱: 針對基於結構型特徵惡意軟體檢測器的隱蔽對抗式攻擊
An Imperceptible Adversarial Attack on Structure-Based Malware Detectors
指導教授: 李漢銘
Hahn-Ming Lee
鄭欣明
Shin-Ming Cheng
口試委員: 吳尚鴻
Shan-Hung Wu
游家牧
Chia-Mu Yu
陳尚澤
Shang-Tse Chen
學位類別: 碩士
Master
系所名稱: 電資學院 - 資訊工程系
Department of Computer Science and Information Engineering
論文出版年: 2022
畢業學年度: 110
語文別: 英文
論文頁數: 58
中文關鍵詞: 對抗式攻擊控制流圖可解釋性IoT 惡意軟體檢測機器學習靜態分析
外文關鍵詞: Adversarial Attack, Control Flow Graph, Explainability, IoT Malware Detection, Machine Learning,, Static Analysis
相關次數: 點閱:403下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 目錄 中文摘要 i ABSTRACT ii 誌謝 iii 1 Introduction 1 1.1 Motivation 2 1.2 Challenges and Goals 3 1.3 Contributions 4 1.4 Outline of the Thesis 5 2 Background and Related Work 7 2.1 ELF File Format 7 2.2 Static Malware Detection 9 2.2.1 Binary-based 9 2.2.2 Signature-based 10 2.2.3 Structure-based 11 2.3 Limitations of Adversarial Attacks in Malware Detection 12 2.4 Functionality-preserving Adversarial Attack 12 2.4.1 Code-level 13 2.4.2 Binary-level 13 2.5 Explainability Analysis and Applications of Machine Learning Models 15 2.5.1 SHAP 15 2.5.2 LIME 17 2.5.3 Adversarial Attack Based on Model Explainability 17 3 Assembly-layer Attack on Structure-based Malware Detectors Using Explainability Analysis 18 3.1 System Model 18 3.1.1 Threat Model 18 3.1.2 Problem Formulation 20 3.1.3 Feature Sets 22 3.2 Methodology 23 3.2.1 Feature Importance Analysis 23 3.2.2 Payload Generation 27 3.2.3 Imperceptible Structural Attack 30 4 Experimental Results and Robustness Analysis 33 4.1 Dataset 33 4.2 Target Model and Experiment Setting 34 4.3 Analysis of Structural Attack 35 4.4 Transferability of Adversarial Examples 42 4.5 Adversarial Attack on Other Structure-based Detectors 45 5 Limitations and Future Work 46 5.1 Limitations 46 5.2 Future Work 47 6 Conclusions 48

    [1] C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the IoT: Mirai and other botnets,” IEEE Computer, vol. 50, pp. 80–84, Jul. 2017.
    [2] I. Makhdoom, M. Abolhasan, J. Lipman, R. P. Liu, and W. Ni, “Anatomy of threats to the Internet of Things,” IEEE Commun. Surveys Tuts., vol. 21, no. 2, pp. 1636–1675, Oct. 2018.
    [3] S.-M. Cheng, P.-Y. Chen, C.-C. Lin, and H.-C. Hsiao, “Traffic-aware patching for cyber security in mobile IoT,” IEEE Commun. Mag., vol. 55, no. 7, pp. 29–35, Jul. 2017.
    [4] A. D. Raju, I. Y. Abualhaol, R. S. Giagone, Y. Zhou, and S. Huang, “A survey on cross-architectural IoT malware threat hunting,” IEEE Access, vol. 9, pp. 91 686–91 709, Jun. 2021.
    [5] Q.-D. Ngo, H.-T. Nguyen, V.-H. Lec, and D.-H. Nguyen, “A survey of IoT malware and detection methods based on static features,” ICT Express, vol. 6, no. 4, pp. 280–286, Dec. 2020.
    [6] E. Raff, J. Barker, J. Sylvester, R. Brandon, B. Catanzaro, and C. Nicholas, “Malware detection by eating a whole EXE,” in Proc. AAAI 2018, Jun. 2018.
    [7] H. S. Anderson and P. Roth, “EMBER: An open dataset for training static PE malware machine learning models,” arXiv preprint arXiv:1804.04637, Apr. 2018.
    [8] J. Su, D. V. Vasconcellos, S. Prasad, D. Sgandurra, Y. Feng, and K. Sakurai, “Lightweight classification of IoT malware based on image recognition,” in Proc. IEEE COMPSAC 2018, Jul. 2018, pp. 664–669.
    [9] X. Liu, Y. Lin, H. Li, and J. Zhang, “A novel method for malware detection on ML-based visualization technique,” Computers & Security, vol. 89, p. 101682, Feb. 2020.
    [10] H. HaddadPajouh, A. Dehghantanha, R. Khayami, and K.-K. R. Choo, “A deep recurrent neural network based approach for internet of things malware threat hunting,” Future Generation Computer Systems, pp. 88–96, Aug. 2018.
    [11] M. Alhanahnah, Q. Lin, Q. Yan, N. Zhang, and Z. Chen, “Efficient signature generation for classifying cross-architecture IoT malware,” in Proc. IEEE CNS 2018, May 2018.
    [12] H. Alasmary, A. Khormali, A. Anwar, J. Park, J. Choi, A. Abusnaina, A. Awad, D. Nyang, and A. Mohaisen, “Analyzing and detecting emerging Internet of Things malware: A graph-based approach,” IEEE Internet Things J., vol. 6, no. 5, pp. 8977–8988, Oct. 2019.
    [13] B. Wu, Y. Xu, and F. Zou, “Malware classification by learning semantic and structural features of control flow graphs,” in Proc. IEEE TrustCom 2021, Oct. 2021, pp. 540–547.
    [14] C.-Y. Wu, T. Ban, S.-M. Cheng, B. Sun, and T. Takahashi, “IoT malware detection using function-call-graph embedding,” in Proc. IEEE PST 2021, Dec. 2021, pp. 1–9.
    [15] I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples,” arXiv preprint arXiv:1412.6572, Mar. 2015.
    [16] W. Fleshman, E. Raff, R. Zak, M. McLean, and C. Nicholas, “Static malware detection & subterfuge: Quantifying the robustness of machine learning and current anti-virus,” in Proc. IEEE MALWARE 2018, Oct. 2018, pp. 1–10.
    [17] A. Abusnaina, A. Anwar, S. Alshamrani, A. Alabduljabbar, R. Jang, D. Nyang, and D. Mohaisen, “Systemically evaluating the robustness of ML-based IoT malware detectors,” in Proc. IEEE/IFIP DSN-S 2021, Jun. 2021, pp. 3–4.
    [18] A. Madry, A. Makelov, L. Schmidt, D. Tsipras, and A. Vladu, “Towards deep learning models resistant to adversarial attacks,” arXiv preprint arXiv:1706.06083, Sep. 2019.
    [19] D. Park, H. Khan, and B. Yener, “Generation & evaluation of adversarial examples for malware obfuscation,” in Proc. IEEE ICMLA 2019, Dec. 2019, pp. 1283–1290.
    [20] X. Li, K. Qiu, C. Qian, and G. Zhao, “An adversarial machine learning method based on opcode n-grams feature in malware detection,” in Proc. IEEE DSC 2020, Jul. 2020, pp. 380–387.
    [21] K. Lucas, M. Sharif, L. Bauer, M. K. Reiter, and S. Shintre, “Malware makeover: Breaking ML-based static analysis by modifying executable bytes,” in Proc. ACM Asia CCS 2021, May 2021, pp. 744–758.
    [22] T.-Y. Chen, “Structural attack against graph-based IoT malware detection at assembly level,” Master, NTUST, Taipei, Taiwan, Jan. 2022.
    [23] X. Chen, C. Li, D. Wang, S. Wen, J. Zhang, S. Nepal, Y. Xiang, and K. Ren, “Android HIV: A study of repackaging malware for evading machine-learning detection,” IEEE Trans. Inf. Forensics Security, vol. 15, pp. 987–1001, 2020.
    [24] K. Zhao, H. Zhou, Y. Zhu, X. Zhan, K. Zhou, J. Li, L. Yu, W. Yuan, and X. Luo, “Structural attack against graph based android malware detection,” in Proc. ACM Asia CCS 2021, Nov. 2021, p. 3218–3235.
    [25] A. Abusnaina, A. Khormali, H. Alasmary, J. Park, A. Anwar, and A. Mohaisen, “Adversarial learning attacks on graph-based IoT malware detection systems,” in Proc. IEEE ICDCS 2019, Jul. 2019, pp. 1296–1305.
    [26] L. Demetrio, B. Biggio, G. Lagorio, F. Roli, and A. Armando, “Functionalitypreserving black-box optimization of adversarial windows malware,” IEEE Trans. Inf. Forensics Security, vol. 16, pp. 3469–3478, May 2021.
    [27] M. Ebrahimi, N. Zhang, J. Hu, M. T. Raza, and H. Chen, “Binary black-box evasion attacks against deep learning-based static malware detectors with adversarial byte-level language model,” in Proc. AAAI Workshop on RSEML, Feb. 2021.
    [28] L. Demetrio, S. E. Coull, B. Biggio, G. Lagorio, A. Armando, and F. Roli, “Adversarial EXEmples: A survey and experimental evaluation of practical attacks on machine learning for windows malware detection,” ACM Trans. Privacy and Security, vol. 24, no. 4, pp. 1–31, Nov. 2021.
    [29] C. Yang, J. Xu, S. Liang, Y. Wu, Y. Wen, B. Zhang, and D. Meng, “DeepMal: maliciousness-preserving adversarial instruction learning against static malware detection,” Cybersecurity, vol. 4, May 2021.
    [30] “Executable and linking format (ELF) specification version 1.2,” Tool Interface Standard (TIS), (1995, May). [Online]. Available: https://refspecs.linuxbase.org/elf/elf.pdf
    [31] M. Krčál, O. Švec, M. Bálek, and O. Jašek, “Deep convolutional malware classifiers can learn from raw executables and labels only,” in Proc. ICLR Workshop 2018, Apr. 2018.
    [32] W. Fleshman, E. Raff, J. Sylvester, S. Forsyth, and M. McLean, “Non-negative networks against adversarial attacks,” arXiv preprint arXiv:1806.06108, Jan. 2019.
    [33] Z. Fang, J. Wang, J. Geng, and X. Kan, “Feature selection for malware detection based on reinforcement learning,” IEEE Access, vol. 7, pp. 176 177–176 187, Dec. 2019.
    [34] T. Rezaei and A. Hamze, “An efficient approach for malware detection using PE header specifications,” in Proc. IEEE ICWR 2020, Apr. 2020, pp. 234–239.
    [35] Y.-T. Lee, T. Ban, T.-L. Wan, S.-M. Cheng, R. Isawa, T. Takahashi, and D. Inoue, “Cross platform IoT-malware family classification based on printable strings,” in Proc. IEEE TrustCom 2020, Dec. 2020, pp. 775–784.
    [36] E. M. Dovom, A. Azmoodeh, A. Dehghantanha, D. E. Newton, R. M. Parizi, and H. Karimipour, “Fuzzy pattern tree for edge malware detection and categorization in IoT,” Journal of Systems Architecture, vol. 97, pp. 1–7, Aug. 2019.
    [37] C.-W. Tien, S.-W. Chen, T. Ban, and S.-Y. Kuo, “Machine learning framework to analyze IoT malware using ELF and opcode features,” Digital Threats: Research and Practice, vol. 1, no. 1, pp. 1–19, Mar. 2020.
    [38] D. Arp, M. Spreitzenbarth, M. Hubner, H. Gascon, K. Rieck, and C. Siemens, “DREBIN: Effective and explainable detection of Android malware in your pocket,” in Proc. NDSS Symposium 2014, Feb. 2014.
    [39] L. Onwuzurike, E. Mariconti, P. Andriotis, E. D. Cristofaro, G. Ross, and G. Stringhini, “MaMaDroid: Detecting android malware by building markov chains of behavioral models (extended version),” ACM Trans. Privacy and Security, vol. 22, no. 2, Apr. 2019.
    [40] N. Namani and A. Khan, “Symbolic execution based feature extraction for detection of malware,” in Proc. IEEE ICCCS 2020, Dec. 2020, pp. 1–6.
    [41] X.-W. Wu, Y. Wang, Y. Fang, and P. Jia, “Embedding vector generation based on function call graph for effective malware detection and classification,” Neural Computing and Applications, pp. 1–14, Feb. 2022.
    [42] T. N. Phu, L. Hoang, N. N. Toan, N. D. Tho, and N. N. Binh, “C500-CFG: A novel algorithm to extract control flow-based features for IoT malware detection,” in Proc. IEEE ISCIT 2019, Sep. 2019, pp. 568–573.
    [43] L.-B. Ouyang, “Robustness evaluation of graph-based malware detection using code-level adversarial attack with explainability,” Master, NTUST, Taipei, Taiwan, Jul. 2021.
    [44] H.-T. Nguyen, Q.-D. Ngo4, and V.-H. Le, “A novel graph-based approach for IoT botnet detection,” International Journal of Information Security, vol. 19, no. 5, pp. 567–577, Oct. 2020.
    [45] S. Gülmez and I. Sogukpinar, “Graph-based malware detection using opcode sequences,” in Proc. IEEE ISDFS 2021, Jun. 2021, pp. 1–5.
    [46] A. Pektaş and T. Acarman, “Deep learning for effective Android malware detection using API call graph embeddings,” Soft Computing, vol. 24, no. 2, pp. 1027–1043, Jan. 2020.
    [47] K. Simonyan and A. Zisserman, “Very deep convolutional networks for largescale image recognition,” arXiv preprint arXiv:1409.1556, Apr. 2015.
    [48] K. He, X. Zhang, S. Ren, and J. Sun, “Deep residual learning for image recognition,” in Proc. IEEE CVPR 2016, Dec. 2016, pp. 770–778.
    [49] N. Carlini and D. Wagner, “Towards evaluating the robustness of neural networks,” in Proc. IEEE S&P 2017, May 2017, pp. 39–57.
    [50] F. Pierazzi, F. Pendlebury, J. Cortellazzi, and L. Cavallaro., “Intriguing properties of adversarial ML attacks in the problem space,” in Proc. IEEE S&P 2020, May 2020, p. 1332–1349.
    [51] A. Abusnaina, H. Alasmary, M. Abuhamad, S. Salem, D. Nyang, and A. Mohaisen, “Subgraph-based adversarial examples against graph-based IoT malware detection systems,” in Proc. Computational Data and Social Networks 2019, Nov. 2019, pp. 268–281.
    [52] L. Zhang, P. Liu, Y.-H. Choi, and P. Chen, “Semantics-preserving reinforcement learning attack against graph neural networks for malware detection,” IEEE Trans. Dependable Secure Comput., Mar. 2022.
    [53] S. M.Lundberg and S.-I. Lee, “A unified approach to interpreting model predictions,” in Proc. NeurIPS 2017, vol. 30, Dec. 2017, pp. 4768–4777.
    [54] T. Ribeiro, S. Singh, and C. Guestrin, “”Why should I trust you?” Explaining the predictions of any classifier,” in Proc. ACM SIGKDD 2016, Aug. 2016, pp. 1135–1144.
    [55] L. Demetrio, B. Biggio, G. Lagorio, F. Roli, and A. Armando, “Explaining vulnerabilities of deep learning to adversarial malware binaries,” arXiv preprint arXiv:1901.03583, Jan. 2019.
    [56] I. Rosenberg, S. Meir, J. Berrebi, I. Gordon, G. Sicard, and E. O. David, “Generating end-to-end adversarial examples for malware classifiers using explainability,” in Proc. IEEE IJCNN 2020, Jul. 2020, pp. 1–10.
    [57] I. G. Nicolas Papernot, Patrick McDaniel, “Transferability in machine learning: From phenomena to black-box attacks using adversarial samples,” arXiv preprint arXiv:1605.07277, May 2016.
    [58] Y. Shoshitaishvili, R. Wang, C. Salls, N. Stephens, M. Polino, A. Dutcher, J. Grosen, S. Feng, C. Hauser, C. Kruegel, and G. Vigna, “SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis,” in Proc. IEEE S&P 2016, May 2016, pp. 138–157.
    [59] A. Hagberg, P. Swart, and D. Chult, “Exploring network structure, dynamics, and function using NetworkX,” in Proc. SciPy 2008, Aug. 2008, p. 11–15.

    無法下載圖示 全文公開日期 2027/08/01 (校內網路)
    全文公開日期 2027/08/01 (校外網路)
    全文公開日期 2027/08/01 (國家圖書館:臺灣博碩士論文系統)
    QR CODE