International Conference on Detection of intrusions and malware, and vulnerability assessment最新文献

Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection Madvex:机器学习恶意软件检测中基于仪器的对抗性攻击

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2023-05-04 DOI: 10.48550/arXiv.2305.02559

Nils Loose, Felix Mächtle, Claudius Pott, V. Bezsmertnyĭ, T. Eisenbarth

{"title":"Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection","authors":"Nils Loose, Felix Mächtle, Claudius Pott, V. Bezsmertnyĭ, T. Eisenbarth","doi":"10.48550/arXiv.2305.02559","DOIUrl":"https://doi.org/10.48550/arXiv.2305.02559","url":null,"abstract":"WebAssembly (Wasm) is a low-level binary format for web applications, which has found widespread adoption due to its improved performance and compatibility with existing software. However, the popularity of Wasm has also led to its exploitation for malicious purposes, such as cryptojacking, where malicious actors use a victim's computing resources to mine cryptocurrencies without their consent. To counteract this threat, machine learning-based detection methods aiming to identify cryptojacking activities within Wasm code have emerged. It is well-known that neural networks are susceptible to adversarial attacks, where inputs to a classifier are perturbed with minimal changes that result in a crass misclassification. While applying changes in image classification is easy, manipulating binaries in an automated fashion to evade malware classification without changing functionality is non-trivial. In this work, we propose a new approach to include adversarial examples in the code section of binaries via instrumentation. The introduced gadgets allow for the inclusion of arbitrary bytes, enabling efficient adversarial attacks that reliably bypass state-of-the-art machine learning classifiers such as the CNN-based Minos recently proposed at NDSS 2021. We analyze the cost and reliability of instrumentation-based adversarial example generation and show that the approach works reliably at minimal size and performance overheads.","PeriodicalId":268358,"journal":{"name":"International Conference on Detection of intrusions and malware, and vulnerability assessment","volume":"101 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-05-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127569952","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 1

How Does Malware Use RDTSC? A Study on Operations Executed by Malware with CPU Cycle Measurement 恶意软件如何使用RDTSC?基于CPU周期测量的恶意软件执行操作研究

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_10

Y. Oyama

引用次数: 7

Practical Password Hardening Based on TLS 基于TLS的实用密码加固

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_21

Constantinos Diomedous, E. Athanasopoulos

引用次数: 7

Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions 野生扩展:发现和分析未上市的Chrome扩展

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_1

Aidan Beggs, A. Kapravelos

引用次数: 1

TypeMiner: Recovering Types in Binary Programs Using Machine Learning TypeMiner:使用机器学习恢复二进制程序中的类型

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_14

Alwin Maier, Hugo Gascon, Christian Wressnegger, Konrad Rieck

引用次数: 24

On the Perils of Leaking Referrers in Online Collaboration Services 在线协作服务中referer泄露的危险

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_4

Beliz Kaleli, Manuel Egele, G. Stringhini

引用次数: 3

Large-Scale Analysis of Infrastructure-Leaking DNS Servers 大规模基础设施DNS服务器泄漏分析

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_17

Dennis Tatang, C. Schneider, Thorsten Holz

引用次数: 6

Overshadow PLC to Detect Remote Control-Logic Injection Attacks 遮蔽PLC以检测远程控制逻辑注入攻击

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_6

Hyunguk Yoo, Sushma Kalle, Jared M. Smith, Irfan Ahmed

引用次数: 19

Morellian Analysis for Browsers: Making Web Authentication Stronger with Canvas Fingerprinting Morellian分析浏览器:使Web认证与画布指纹更强

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_3

Pierre Laperdrix, Gildas Avoine, B. Baudry, Nick Nikiforakis

引用次数: 23

Detecting, Fingerprinting and Tracking Reconnaissance Campaigns Targeting Industrial Control Systems 针对工业控制系统的探测、指纹识别和跟踪侦察活动

International Conference on Detection of intrusions and malware, and vulnerability assessment Pub Date : 2019-06-19 DOI: 10.1007/978-3-030-22038-9_5

Olivier Cabana, A. Youssef, M. Debbabi, Bernard Lebel, Marthe Kassouf, B. Agba

引用次数: 6