Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference最新文献_第4页

Robustness of Image-Based Malware Classification Models trained with Generative Adversarial Networks 生成对抗网络训练的基于图像的恶意软件分类模型的鲁棒性

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference Pub Date : 2023-06-14 DOI: 10.1145/3590777.3590792

Ciaran Reilly, Stephen O Shaughnessy, Christina Thorpe

{"title":"Robustness of Image-Based Malware Classification Models trained with Generative Adversarial Networks","authors":"Ciaran Reilly, Stephen O Shaughnessy, Christina Thorpe","doi":"10.1145/3590777.3590792","DOIUrl":"https://doi.org/10.1145/3590777.3590792","url":null,"abstract":"As malware continues to evolve, deep learning models are increasingly used for malware detection and classification, including image-based classification. However, adversarial attacks can be used to perturb images so as to evade detection by these models. This study investigates the effectiveness of training deep learning models with Generative Adversarial Network-generated data to improve their robustness against such attacks. Two image conversion methods, byteplot and space-filling curves, were used to represent the malware samples, and a ResNet-50 architecture was used to train models on the image datasets. The models were then tested against a projected gradient descent attack. It was found that without GAN-generated data, the models’ prediction performance drastically decreased from 93-95% to 4.5% accuracy. However, the addition of adversarial images to the training data almost doubled the accuracy of the models. This study highlights the potential benefits of incorporating GAN-generated data in the training of deep learning models to improve their robustness against adversarial attacks.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128509868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

Effect of Power Conversion Efficiency of the RF Energy Harvester on the Security and Data Rate of the Self-Sustainable IoT Devices 射频能量采集器功率转换效率对自续物联网设备安全性和数据速率的影响

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference Pub Date : 2023-06-14 DOI: 10.1145/3590777.3590796

Fariborz Lohrabi Pour, D. Ha

引用次数: 0

RADAR: A TTP-based Extensible, Explainable, and Effective System for Network Traffic Analysis and Malware Detection 雷达:一个基于ttp的可扩展、可解释和有效的网络流量分析和恶意软件检测系统

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference Pub Date : 2022-12-07 DOI: 10.1145/3590777.3590804

Yashovardhan Sharma, S. Birnbach, I. Martinovic

{"title":"RADAR: A TTP-based Extensible, Explainable, and Effective System for Network Traffic Analysis and Malware Detection","authors":"Yashovardhan Sharma, S. Birnbach, I. Martinovic","doi":"10.1145/3590777.3590804","DOIUrl":"https://doi.org/10.1145/3590777.3590804","url":null,"abstract":"Network analysis and machine learning techniques have been widely applied for building malware detection systems. Though these systems attain impressive results, they often are (i) not extensible, being monolithic, well tuned for the specific task they have been designed for but very difficult to adapt and/or extend to other settings, and (ii) not interpretable, being black boxes whose inner complexity makes it impossible to link the result of detection with its root cause, making further analysis of threats a challenge. In this paper we present RADAR, an extensible and explainable system that exploits the popular TTP (Tactics, Techniques, and Procedures) ontology of adversary behaviour described in the industry-standard MITRE ATT&CK framework in order to unequivocally identify and classify malicious behaviour using network traffic. We evaluate RADAR on a very large dataset comprising of 2,286,907 malicious and benign samples, representing a total of 84,792,452 network flows. The experimental analysis confirms that the proposed methodology can be effectively exploited: RADAR’s ability to detect malware is comparable to other state-of-the-art non-interpretable systems’ capabilities. To the best of our knowledge, RADAR is the first TTP-based system for malware detection that uses machine learning while being extensible and explainable.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129760757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference 2023年欧洲跨学科网络安全会议论文集

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference Pub Date : 1900-01-01 DOI: 10.1145/3590777

引用次数: 0