Ciaran Reilly, Stephen O Shaughnessy, Christina Thorpe
{"title":"Robustness of Image-Based Malware Classification Models trained with Generative Adversarial Networks","authors":"Ciaran Reilly, Stephen O Shaughnessy, Christina Thorpe","doi":"10.1145/3590777.3590792","DOIUrl":"https://doi.org/10.1145/3590777.3590792","url":null,"abstract":"As malware continues to evolve, deep learning models are increasingly used for malware detection and classification, including image-based classification. However, adversarial attacks can be used to perturb images so as to evade detection by these models. This study investigates the effectiveness of training deep learning models with Generative Adversarial Network-generated data to improve their robustness against such attacks. Two image conversion methods, byteplot and space-filling curves, were used to represent the malware samples, and a ResNet-50 architecture was used to train models on the image datasets. The models were then tested against a projected gradient descent attack. It was found that without GAN-generated data, the models’ prediction performance drastically decreased from 93-95% to 4.5% accuracy. However, the addition of adversarial images to the training data almost doubled the accuracy of the models. This study highlights the potential benefits of incorporating GAN-generated data in the training of deep learning models to improve their robustness against adversarial attacks.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128509868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Effect of Power Conversion Efficiency of the RF Energy Harvester on the Security and Data Rate of the Self-Sustainable IoT Devices","authors":"Fariborz Lohrabi Pour, D. Ha","doi":"10.1145/3590777.3590796","DOIUrl":"https://doi.org/10.1145/3590777.3590796","url":null,"abstract":"This paper presents a study on the impact of the power conversion efficiency (PCE) of RF energy harvesters on the performance of wireless Internet-of-Things (IoT) devices including the sampling rate and data security. An RF energy harvester to harvest energy from the career frequency of 2.64 GHz is designed and prototyped for measurements. A microcontroller unit (MCU) adopts Tiny Encryption Algorithm (TEA) with a 128-bit key for data encryption. Measurement results indicate that as the amount of energy harvested increases, the maximum sampling rate and the security of the data can also increase. It implies the power conversion efficiency (PCE) impacts on both the data rate and data security of self-powered wireless IoT devices.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"95 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129205418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"RADAR: A TTP-based Extensible, Explainable, and Effective System for Network Traffic Analysis and Malware Detection","authors":"Yashovardhan Sharma, S. Birnbach, I. Martinovic","doi":"10.1145/3590777.3590804","DOIUrl":"https://doi.org/10.1145/3590777.3590804","url":null,"abstract":"Network analysis and machine learning techniques have been widely applied for building malware detection systems. Though these systems attain impressive results, they often are (i) not extensible, being monolithic, well tuned for the specific task they have been designed for but very difficult to adapt and/or extend to other settings, and (ii) not interpretable, being black boxes whose inner complexity makes it impossible to link the result of detection with its root cause, making further analysis of threats a challenge. In this paper we present RADAR, an extensible and explainable system that exploits the popular TTP (Tactics, Techniques, and Procedures) ontology of adversary behaviour described in the industry-standard MITRE ATT&CK framework in order to unequivocally identify and classify malicious behaviour using network traffic. We evaluate RADAR on a very large dataset comprising of 2,286,907 malicious and benign samples, representing a total of 84,792,452 network flows. The experimental analysis confirms that the proposed methodology can be effectively exploited: RADAR’s ability to detect malware is comparable to other state-of-the-art non-interpretable systems’ capabilities. To the best of our knowledge, RADAR is the first TTP-based system for malware detection that uses machine learning while being extensible and explainable.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129760757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","authors":"","doi":"10.1145/3590777","DOIUrl":"https://doi.org/10.1145/3590777","url":null,"abstract":"","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131966609","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}