Structural Adversarial Examples for Graph-Based Malware Detectors

In recent years, malware classifiers combined with machine learning (ML) techniques have achieved excellent results in detecting unknown IoT malware. The detectors based on Control Flow Graph (CFG) can more accurately present the execution flow and semantics of the executables, so it is regarded as an effective technology for malware detection. However, with the widespread application of machine learning, evaluating the robustness of malware detectors has become an urgent and important topic. In this paper, we wish to evaluate the robustness of different models through adversarial attacks. We carefully manipulate the target malware samples and inject carefully crafted opcode sequences into them to further modify the execution flow, thereby misleading structure-based malware detectors. In particular, we generate four types of available transformations while preserving the original functionality, paired with an optimized algorithm to improve query efficiency. Experimental results show that our method achieves excellent results on detectors using structure-based and opcode-based features.

Shin-Ming Cheng

Shin-Ming Cheng

National Taiwan University of Science and Technology Professor, Department of Computer Science and Information Engineering
Shin-Ming Cheng received his B.S. and Ph.D. degrees in computer science and information engineering from the National Taiwan University, Taipei, Taiwan, in 2000 and 2007, respectively. Since 2012, he has been on the faculty of the Department of Computer Science and Information Engineering, National Taiwan University of Science and Technology, Taipei, where he is currently a professor. Since 2017, he has been with the Research Center for Information Technology Innovation, Academia Sinica, Taipei, as a joint assistant research fellow. Since 2014, he incubates cybersecurity talent with the support of the Ministry of Education and holds advanced information security summer schools (AIS3) each year. His current interests are mobile network security and IoT system security. Recently, he investigates malware analysis and AI robustness. He has received IEEE Trustcom 2020, CISC 2020/2021, TANET 2021 best paper awards due to his solid research in cybersecurity.

Chi-Hsin Yang

Chi-Hsin Yang

National Taiwan University of Science and Technology, Master
Chi-Hsin Yang is a master of Computer Science and Information Engineering of National Taiwan University of Science and Technology and a member of the 5th Taiwan Holy High, and used to be an intern of CHT Security and KeyWisdom Technology.