Session

Efficient Black-box Optimization of Adversarial EXE Windows Malware

Windows malware detectors based on machine learning are vulnerable to adversarial examples, even if the attacker only has black-box access to the model.

However, a drawback of these attacks is that they require executing the adversarial malware sample in a sandbox at each iteration of its optimization process, to ensure that its intrusive functionality is preserved.

In this talk, we present a novel black-box attack that leverages a set of semantics-preserving, constrained malware manipulations to overcome this computationally demanding validation step.

Our attack is formalized as a constrained minimization problem which also enables optimizing the trade-off between the probability of evading detection and the size of the adversarial payload.

We investigate this trade-off empirically, on two static malware detectors, and show that our black-box attack is able to bypass them with only a few iterations.

We conclude by discussing the limitations of our approach, and possible future extensions to target dynamic-based malware classifiers.

 

Biography

Luca Demetrio is a third-year Ph.D. student at the “Università degli Studi di Genova”, in Italy.

His main interests focus on the application of Adversarial Machine Learning techniques for Malware Detection.

Jointly working with Prof. Biggio, he is developing new white-box and black-box attacks against these kinds of detectors, leveraging the manipulation of malware samples with transformations that are semantics-invariant by design.

 
