Considering the weaknesses of signature-based approaches adopted by current antimalware, from both academic and industrial side there is a boost in the development of techniques exploiting artificial intelligence, where one of the most promising are based on the representation of application under analysis as image. In order to understand whether these approaches can be effectively adopted in the real-world, starting from a detector based on deep learning, in this paper we evaluate the resilience of these approaches when morphed samples are considered. We present DexWave, a tool aimed to automatically inject perturbations techniques targeting the smali code representation of Android applications. The experimental analysis demonstrate that image-based malware classifier are vulnerable to simple perturbations attack.
Perturbation of Image-based Malware Detection with Smali level morphing techniques
Santone A.;Mercaldo F.
2021-01-01
Abstract
Considering the weaknesses of signature-based approaches adopted by current antimalware, from both academic and industrial side there is a boost in the development of techniques exploiting artificial intelligence, where one of the most promising are based on the representation of application under analysis as image. In order to understand whether these approaches can be effectively adopted in the real-world, starting from a detector based on deep learning, in this paper we evaluate the resilience of these approaches when morphed samples are considered. We present DexWave, a tool aimed to automatically inject perturbations techniques targeting the smali code representation of Android applications. The experimental analysis demonstrate that image-based malware classifier are vulnerable to simple perturbations attack.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
