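1. College of Computer and Data Science, Fuzhou University, Fuzhou 350108, Fujian, China
2. Fujian Key Laboratory of Network Computing and Intelligent Information Processing, Fuzhou 350108, Fujian, China
3. Department of Applied Mathematics and Computer Science, Technical University of Denmark, Copenhagen 2800
4. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
LIU Yanhua (1972- ), male, born in Jining, Shandong, Ph.D., associate professor and master's supervisor at Fuzhou University. His main research interests include cyberspace security, network data analysis, network system fault analysis, and intelligent computing and its applications.
LI Jiaqi (1998- ), female, born in Zhangzhou, Fujian, master's student at Fuzhou University. Her main research interests include malicious code detection and network security.
OU Zhengui (1998- ), male, born in Putian, Fujian, master's student at Fuzhou University. His main research interests include knowledge graph fusion, entity alignment, knowledge graph completion, and link prediction.
GAO Xiaoling (1995- ), female, born in Zhangzhou, Fujian, master's student at Fuzhou University. Her main research interest is network security.
LIU Ximeng (1988- ), male, born in Xi'an, Shaanxi, Ph.D., researcher at Fuzhou University. His main research interests include privacy computing, ciphertext data mining, big data privacy protection, and searchable encryption.
MENG Weizhi (1986- ), male, Ph.D., associate professor at the Technical University of Denmark. His main research interests include intrusion detection, biometric authentication, malware detection, artificial intelligence security, and blockchain applications.
LIU Baoxu (1972- ), male, born in Yishui, Shandong, Ph.D., researcher and doctoral supervisor at the Institute of Information Engineering, Chinese Academy of Sciences. His main research interests include network attack and defense, threat intelligence, situational awareness, threat discovery, and network attribution.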
Online publication date: 2022-09
Print publication date: 2022-09-25
Yanhua LIU, Jiaqi LI, Zhengui OU, et al. Adversarial training driven malicious code detection enhancement method[J]. Journal on Communications, 2022, 43(9): 169-180. DOI: 10.11959/j.issn.1000-436x.2022171.
To address the weakness of malicious code detectors against adversarial inputs, an adversarial-training-driven method for enhancing malicious code detection is proposed. First, applications are preprocessed with a decompilation tool to extract application programming interface (API) call features, which are mapped to binary feature vectors. Second, a Wasserstein generative adversarial network is introduced to build a benign sample library, providing a richer set of perturbation combinations for malicious samples to evade the detector. Third, a perturbation reduction algorithm based on logarithmic backtracking is proposed: samples from the benign sample library are added to the malicious code as perturbations, and the added perturbations are then pruned by bisection, reducing the number of perturbations with fewer queries. Finally, the adversarial malicious code samples are labeled as malicious and the detector is retrained, improving its accuracy and robustness. Experimental results show that the generated adversarial malicious code samples can evade the target detector. In addition, adversarial training improves the target detector's accuracy and robustness.