Detection of induced false negatives in malware samples
Document Type
Conference Proceeding
Publication Title
2021 18th International Conference on Privacy, Security and Trust (PST)
Publisher
IEEE
School
School of Science
RAS ID
43170
Abstract
Malware detection is an important area of cyber security. Computer systems rely on malware detection applications to prevent malware attacks from succeeding. Malware detection is not a straightforward task, as new variants of malware are generated at an increasing rate. Machine learning (ML) has been utilised to generate predictive classification models to identify new malware variants which conventional malware detection methods may not detect. Machine learning, has however, been found to be vulnerable to different types of adversarial attacks, in which an attacker is able to negatively affect the classification ability of the ML model. Several defensive measures to prevent adversarial poisoning attacks have been developed, but they often rely on the use of a trusted clean dataset to help identify and remove adversarial examples from the training dataset. The defence in this paper does not require a trusted clean dataset, but instead, identifies intentional false negatives (zero day malware classified as benign) at the testing stage by examining the activation weights of the ML model. The defence was able to identify 94.07% of the successful targeted poisoning attacks.
DOI
10.1109/PST52912.2021.9647787
Access Rights
subscription content
Comments
Wood, A., & Johnstone, M. N. (2021, December). Detection of induced false negatives in malware samples [Paper presentation]. 2021 18th International Conference on Privacy, Security and Trust (PST), Auckland, New Zealand.
https://doi.org/10.1109/PST52912.2021.9647787