Title

Detection of induced false negatives in malware samples

Document Type

Conference Proceeding

Publication Title

2021 18th International Conference on Privacy, Security and Trust (PST)

Publisher

IEEE

School

School of Science

RAS ID

43170

Comments

Wood, A., & Johnstone, M. N. (2021, December). Detection of induced false negatives in malware samples [Paper presentation]. 2021 18th International Conference on Privacy, Security and Trust (PST), Auckland, New Zealand.

https://doi.org/10.1109/PST52912.2021.9647787

Abstract

Malware detection is an important area of cyber security. Computer systems rely on malware detection applications to prevent malware attacks from succeeding. Malware detection is not a straightforward task, as new variants of malware are generated at an increasing rate. Machine learning (ML) has been utilised to generate predictive classification models to identify new malware variants which conventional malware detection methods may not detect. Machine learning, has however, been found to be vulnerable to different types of adversarial attacks, in which an attacker is able to negatively affect the classification ability of the ML model. Several defensive measures to prevent adversarial poisoning attacks have been developed, but they often rely on the use of a trusted clean dataset to help identify and remove adversarial examples from the training dataset. The defence in this paper does not require a trusted clean dataset, but instead, identifies intentional false negatives (zero day malware classified as benign) at the testing stage by examining the activation weights of the ML model. The defence was able to identify 94.07% of the successful targeted poisoning attacks.

DOI

10.1109/PST52912.2021.9647787

Access Rights

subscription content

Research Themes

Securing Digital Futures

Priority Areas

Critical Infrastructure

Share

 
COinS