Towards A Framework for Preprocessing Analysis of Adversarial Windows Malware

Date
2022-06-06
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
IEEE
Abstract
Machine learning for malware detection and classification has shown promising results. However, motivated adversaries can thwart such classifiers by perturbing the classifier’s input features. Feature perturbation can be realized by transforming the malware, inducing an adversarial drift in the problem space. Realizable adversarial malware is constrained by available software transformations that preserve the malware’s original semantics yet perturb its features enough to cross a classifier’s decision boundary. Further, transformations should be plausible and robust to preprocessing. If a defender can identify and filter the adversarial noise, then the utility of the adversarial approach is decreased. In this paper, we examine common adversarial techniques against a set of constraints that expose each technique’s realizability. Our observations indicate that most adversarial perturbations can be reduced through forensic preprocessing of the malware, highlighting the advantage of forensic analysis prior to classification.
Description
Keywords
Perturbation methods, Semantics, Digital forensics, Machine learning, Malware, Security
Citation
N. Schultz and A. Duby, "Towards A Framework for Preprocessing Analysis of Adversarial Windows Malware," 2022 10th International Symposium on Digital Forensics and Security (ISDFS), Istanbul, Turkey, 2022, pp. 1-6, doi: 10.1109/ISDFS55398.2022.9800812.
URI
https://hdl.handle.net/20.500.14216/1163
DOI
https://doi.org/10.1109/isdfs55398.2022.9800812
Collections
Works of Scholarship