研究生: 邱昱誠
Yu-Cheng Chiu
論文名稱: 利用分割技術對結構型惡意軟體檢測器的後門攻擊
Backdoor Attack against Structure-based Malware Detector Using Partition
指導教授: 李漢銘
Hahn-Ming Lee
Shin-Ming Cheng
口試委員: 李育杰
Yuh-Jye Lee
Yi-Ting Huang
學位類別: 碩士
系所名稱: 電資學院 - 資訊工程系
Department of Computer Science and Information Engineering
論文出版年: 2023
畢業學年度: 111
語文別: 英文
論文頁數: 64
中文關鍵詞: 機器學習圖神經網路後門攻擊惡意軟體惡意軟體檢測器結構型特徵控制流程圖函數呼叫圖
外文關鍵詞: Machine Learning(ML), Graph Neural Network(GNN), Backdoor Attack, Malware, Malware Detector, Structural Feature, Control Flow Graph(CFG), Function Call Graph(FCG)
相關次數: 點閱:528下載:0
In static malware detection, structural features such as Control Flow Graphs (CFGs) and Function Call Graphs (FCGs) are recognized as key to identifying malicious software, as they include execution flow and software structure information. Graph Neural Networks (GNNs) excel at capturing the interdependencies among nodes. By incorporating attention mechanisms, these networks can assign different weights to nodes, facilitating the precise identification of significant nodes or subgraphs, and thus enhancing malware detection accuracy. Nevertheless, to cope with the constant evolution of malware, AI-based malware detectors need to routinely gather samples and retrain their models, a process that exposes them to potential backdoor attacks. These attacks typically involve the implantation of triggers into some samples of the dataset, thereby enabling the model to generate backdoors during training. However, to the best of our knowledge, no backdoor attack methods currently exist specifically tailored for structural features. Hence, this study proposes a novel backdoor attack method specifically designed for malware detectors using structural features. We leverage CFGExplainer to analyze and identify high-weight benign subgraphs and malicious nodes within the graph, serving as the basis for our trigger selection for the backdoor attack. Moreover, we introduce a novel Partition strategy capable of effectively diversifying the weight of malicious nodes. Experimental results demonstrate that, regardless of trigger strength, our proposed strategies can significantly boost the success rate of backdoor attacks. Furthermore, we believe our research can contribute to the development of more effective countermeasures against such backdoor attacks.

中文摘要 i ABSTRACT ii 誌謝 iv 1 Introduction 1 1.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Challenges and Goals . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.3 Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.4 Outline of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2 Background and Related Work 8 2.1 ELF File Manipulation . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.1.1 ELF File Format . . . . . . . . . . . . . . . . . . . . . . . . 8 2.1.2 Code Injection . . . . . . . . . . . . . . . . . . . . . . . . . 10 2.2 Static Malware Detection . . . . . . . . . . . . . . . . . . . . . . . . 12 2.2.1 Structure-based Malware Detection . . . . . . . . . . . . . . 13 2.3 Backdoor Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 2.3.1 Backdoor Attacks on Malware Detection . . . . . . . . . . . 16 2.4 Explainability Analysis and Applications of Graph Neural Network Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 2.4.1 CFGExplainer . . . . . . . . . . . . . . . . . . . . . . . . . 19 3 Backdoor Attack against Structure-based Malware Detector Using Partition 20 3.1 System Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.1.1 Threat Model . . . . . . . . . . . . . . . . . . . . . . . . . . 20 3.1.2 Problem Formulation . . . . . . . . . . . . . . . . . . . . . . 23 3.1.3 Feature Sets . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 3.2 Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 3.2.1 Feature Importance Analysis . . . . . . . . . . . . . . . . . . 27 3.2.2 Trigger Generation . . . . . . . . . . . . . . . . . . . . . . . 28 3.2.3 Partition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 4 Experimental Results 34 4.1 Dataset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 4.2 Target Model and Experiment Setting . . . . . . . . . . . . . . . . . 35 4.3 Results of Backdoor Attack . . . . . . . . . . . . . . . . . . . . . . . 36 5 Limitations and Future Work 42 5.1 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 5.2 Future Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 6 Conclusions 44

