The Robust Malware Detection Challenge and Greedy Random Accelerated Multi-Bit Search

Sicco Verwer, Azqa Nadeem, Christian Hammerschmidt, Laurens Bliek, Abdullah Al-Dujaili, Una May O'Reilly

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

    Abstract

    Training classifiers that are robust against adversarially modified examples is becoming increasingly important in practice. In the field of malware detection, adversaries modify malicious binary files to seem benign while preserving their malicious behavior. We report on the results of a recently held robust malware detection challenge. There were two tracks in which teams could participate: The attack track asked for adversarially modified malware samples and the defend track asked for trained neural network classifiers that are robust to such modifications. The teams were unaware of the attacks/defenses they had to detect/evade. Although only 9 teams participated, this unique setting allowed us to make several interesting observations. We also present the challenge winner: GRAMS, a family of novel techniques to train adversarially robust networks that preserve the intended (malicious) functionality and yield high-quality adversarial samples. These samples are used to iteratively train a robust classifier. We show that our techniques, based on discrete optimization techniques, beat purely gradient-based methods. GRAMS obtained first place in both the attack and defend tracks of the competition.

    Original language: English
    Title: AISec 2020 - Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security
    Publisher: Association for Computing Machinery, Inc
    Pages: 61-70
    Number of pages: 10
    ISBN (electronic version): 9781450380942
    Status: Published - 13 Nov 2020
    Event: 13th ACM Workshop on Artificial Intelligence and Security, AISec 2020 - Virtual, Online, United States of America
    Duration: 13 Nov 2020 → …

    Conference

    Conference: 13th ACM Workshop on Artificial Intelligence and Security, AISec 2020
    Country: United States of America
    City: Virtual, Online
    Period: 13/11/20 → …
