Multi-view Representation Learning from Malware to Defend Against Adversarial Variants

James Lee Hu; Mohammadreza Ebrahimi; Weifeng Li; Xin Li; Hsinchun Chen

doi:10.1109/ICDMW58026.2022.00066

Multi-view Representation Learning from Malware to Defend Against Adversarial Variants

James Lee Hu, Mohammadreza Ebrahimi, Weifeng Li, Xin Li, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Deep learning-based adversarial malware detectors have yielded promising results in detecting never-before-seen malware executables without relying on expensive dynamic behavior analysis and sandbox. Despite their abilities, these detectors have been shown to be vulnerable to adversarial malware variants - meticulously modified, functionality-preserving versions of original malware executables generated by machine learning. Due to the nature of these adversarial modifications, these adversarial methods often use a single view of malware executables (i.e., the binary/hexadecimal view) to generate adversarial malware variants. This provides an opportunity for the defenders (i.e., malware detectors) to detect the adversarial variants by utilizing more than one view of a malware file (e.g., source code view in addition to the binary view). The rationale behind this idea is that while the adversary focuses on the binary view, certain characteristics of the malware file in the source code view remain untouched which leads to the detection of the adversarial malware variants. To capitalize on this opportunity, we propose Adversarially Robust Multiview Malware Defense (ARMD), a novel multi-view learning framework to improve the robustness of DL-based malware detectors against adversarial variants. Our experiments on three renowned open-source deep learning-based malware detectors across six common malware categories show that ARMD is able to improve the adversarial robustness by up to seven times on these malware detectors.

Original language	English (US)
Title of host publication	Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022
Editors	K. Selcuk Candan, Thang N. Dinh, My T. Thai, Takashi Washio
Publisher	IEEE Computer Society
Pages	451-458
Number of pages	8
ISBN (Electronic)	9798350346091
DOIs	https://doi.org/10.1109/ICDMW58026.2022.00066
State	Published - 2022
Event	22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022 - Orlando, United States Duration: Nov 28 2022 → Dec 1 2022

Publication series

Name	IEEE International Conference on Data Mining Workshops, ICDMW
Volume	2022-November
ISSN (Print)	2375-9232
ISSN (Electronic)	2375-9259

Conference

Conference	22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022
Country/Territory	United States
City	Orlando
Period	11/28/22 → 12/1/22

Keywords

Adversarial Machine Learning
Adversarial Malware Variants
Adversarial Robustness
Deep Learning-based Malware Detectors
Multi-View Learning

ASJC Scopus subject areas

Computer Science Applications
Software

Access to Document

10.1109/ICDMW58026.2022.00066

Cite this

Hu, J. L., Ebrahimi, M., Li, W., Li, X., & Chen, H. (2022). Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. In K. S. Candan, T. N. Dinh, M. T. Thai, & T. Washio (Eds.), Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022 (pp. 451-458). (IEEE International Conference on Data Mining Workshops, ICDMW; Vol. 2022-November). IEEE Computer Society. https://doi.org/10.1109/ICDMW58026.2022.00066

Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. / Hu, James Lee; Ebrahimi, Mohammadreza; Li, Weifeng et al.
Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022. ed. / K. Selcuk Candan; Thang N. Dinh; My T. Thai; Takashi Washio. IEEE Computer Society, 2022. p. 451-458 (IEEE International Conference on Data Mining Workshops, ICDMW; Vol. 2022-November).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hu, JL, Ebrahimi, M, Li, W, Li, X & Chen, H 2022, Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. in KS Candan, TN Dinh, MT Thai & T Washio (eds), Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022. IEEE International Conference on Data Mining Workshops, ICDMW, vol. 2022-November, IEEE Computer Society, pp. 451-458, 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022, Orlando, United States, 11/28/22. https://doi.org/10.1109/ICDMW58026.2022.00066

Hu JL, Ebrahimi M, Li W, Li X, Chen H. Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. In Candan KS, Dinh TN, Thai MT, Washio T, editors, Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022. IEEE Computer Society. 2022. p. 451-458. (IEEE International Conference on Data Mining Workshops, ICDMW). doi: 10.1109/ICDMW58026.2022.00066

Hu, James Lee ; Ebrahimi, Mohammadreza ; Li, Weifeng et al. / Multi-view Representation Learning from Malware to Defend Against Adversarial Variants. Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022. editor / K. Selcuk Candan ; Thang N. Dinh ; My T. Thai ; Takashi Washio. IEEE Computer Society, 2022. pp. 451-458 (IEEE International Conference on Data Mining Workshops, ICDMW).

@inproceedings{8589660714e143cc853e844febfd3ea7,

title = "Multi-view Representation Learning from Malware to Defend Against Adversarial Variants",

abstract = "Deep learning-based adversarial malware detectors have yielded promising results in detecting never-before-seen malware executables without relying on expensive dynamic behavior analysis and sandbox. Despite their abilities, these detectors have been shown to be vulnerable to adversarial malware variants - meticulously modified, functionality-preserving versions of original malware executables generated by machine learning. Due to the nature of these adversarial modifications, these adversarial methods often use a single view of malware executables (i.e., the binary/hexadecimal view) to generate adversarial malware variants. This provides an opportunity for the defenders (i.e., malware detectors) to detect the adversarial variants by utilizing more than one view of a malware file (e.g., source code view in addition to the binary view). The rationale behind this idea is that while the adversary focuses on the binary view, certain characteristics of the malware file in the source code view remain untouched which leads to the detection of the adversarial malware variants. To capitalize on this opportunity, we propose Adversarially Robust Multiview Malware Defense (ARMD), a novel multi-view learning framework to improve the robustness of DL-based malware detectors against adversarial variants. Our experiments on three renowned open-source deep learning-based malware detectors across six common malware categories show that ARMD is able to improve the adversarial robustness by up to seven times on these malware detectors.",

keywords = "Adversarial Machine Learning, Adversarial Malware Variants, Adversarial Robustness, Deep Learning-based Malware Detectors, Multi-View Learning",

author = "Hu, {James Lee} and Mohammadreza Ebrahimi and Weifeng Li and Xin Li and Hsinchun Chen",

note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022 ; Conference date: 28-11-2022 Through 01-12-2022",

year = "2022",

doi = "10.1109/ICDMW58026.2022.00066",

language = "English (US)",

series = "IEEE International Conference on Data Mining Workshops, ICDMW",

publisher = "IEEE Computer Society",

pages = "451--458",

editor = "Candan, {K. Selcuk} and Dinh, {Thang N.} and Thai, {My T.} and Takashi Washio",

booktitle = "Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022",

}

TY - GEN

T1 - Multi-view Representation Learning from Malware to Defend Against Adversarial Variants

AU - Hu, James Lee

AU - Ebrahimi, Mohammadreza

AU - Li, Weifeng

AU - Li, Xin

AU - Chen, Hsinchun

PY - 2022

Y1 - 2022

N2 - Deep learning-based adversarial malware detectors have yielded promising results in detecting never-before-seen malware executables without relying on expensive dynamic behavior analysis and sandbox. Despite their abilities, these detectors have been shown to be vulnerable to adversarial malware variants - meticulously modified, functionality-preserving versions of original malware executables generated by machine learning. Due to the nature of these adversarial modifications, these adversarial methods often use a single view of malware executables (i.e., the binary/hexadecimal view) to generate adversarial malware variants. This provides an opportunity for the defenders (i.e., malware detectors) to detect the adversarial variants by utilizing more than one view of a malware file (e.g., source code view in addition to the binary view). The rationale behind this idea is that while the adversary focuses on the binary view, certain characteristics of the malware file in the source code view remain untouched which leads to the detection of the adversarial malware variants. To capitalize on this opportunity, we propose Adversarially Robust Multiview Malware Defense (ARMD), a novel multi-view learning framework to improve the robustness of DL-based malware detectors against adversarial variants. Our experiments on three renowned open-source deep learning-based malware detectors across six common malware categories show that ARMD is able to improve the adversarial robustness by up to seven times on these malware detectors.

AB - Deep learning-based adversarial malware detectors have yielded promising results in detecting never-before-seen malware executables without relying on expensive dynamic behavior analysis and sandbox. Despite their abilities, these detectors have been shown to be vulnerable to adversarial malware variants - meticulously modified, functionality-preserving versions of original malware executables generated by machine learning. Due to the nature of these adversarial modifications, these adversarial methods often use a single view of malware executables (i.e., the binary/hexadecimal view) to generate adversarial malware variants. This provides an opportunity for the defenders (i.e., malware detectors) to detect the adversarial variants by utilizing more than one view of a malware file (e.g., source code view in addition to the binary view). The rationale behind this idea is that while the adversary focuses on the binary view, certain characteristics of the malware file in the source code view remain untouched which leads to the detection of the adversarial malware variants. To capitalize on this opportunity, we propose Adversarially Robust Multiview Malware Defense (ARMD), a novel multi-view learning framework to improve the robustness of DL-based malware detectors against adversarial variants. Our experiments on three renowned open-source deep learning-based malware detectors across six common malware categories show that ARMD is able to improve the adversarial robustness by up to seven times on these malware detectors.

KW - Adversarial Machine Learning

KW - Adversarial Malware Variants

KW - Adversarial Robustness

KW - Deep Learning-based Malware Detectors

KW - Multi-View Learning

UR - http://www.scopus.com/inward/record.url?scp=85148453933&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85148453933&partnerID=8YFLogxK

U2 - 10.1109/ICDMW58026.2022.00066

DO - 10.1109/ICDMW58026.2022.00066

M3 - Conference contribution

AN - SCOPUS:85148453933

T3 - IEEE International Conference on Data Mining Workshops, ICDMW

SP - 451

EP - 458

BT - Proceedings - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022

A2 - Candan, K. Selcuk

A2 - Dinh, Thang N.

A2 - Thai, My T.

A2 - Washio, Takashi

PB - IEEE Computer Society

T2 - 22nd IEEE International Conference on Data Mining Workshops, ICDMW 2022

Y2 - 28 November 2022 through 1 December 2022

ER -

Multi-view Representation Learning from Malware to Defend Against Adversarial Variants

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this