arXiv: 1707.05970 · v5 · pith: RHMGAA75new · submitted 2017-07-19 · cs.CR · cs.LG · cs.NE

Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers

classification: cs.CR, cs.LG, cs.NE
keywords: malware, classifiers, attack, binary, black-box, call, learning, machine

abstract

In this paper, we present a black-box attack against API call based machine learning malware classifiers, focusing on generating adversarial sequences combining API calls and static features (e.g., printable strings) that will be misclassified by the classifier without affecting the malware functionality. We show that this attack is effective against many classifiers due to the transferability principle between RNN variants, feed forward DNNs, and traditional machine learning classifiers such as SVM. We also implement GADGET, a software framework to convert any malware binary to a binary undetected by malware classifiers, using the proposed attack, without access to the malware source code.



Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning

    cs.CR 2019-07 unverdicted novelty 6.0

    An RNN trained unsupervised on benign hardware counter traces detects multiple unseen attacks including Meltdown, Spectre, Rowhammer and Zombieload with F-score 0.9970.