Signature-based approaches adopted by current antimalware have well-known problems. Although they can provide relatively fast and reliable detection of previously known threats, they are not able to catch new malware and also generalize their knowledge to different variants of the same known malware. Deep learning approaches have been adopted to address this problem, and one of the most promising attempts is based on the representation of malware as images. In order to understand whether these approaches can be effectively adopted in a real-world situation, we trained an image-based malware detector and evaluate its resilience when morphed samples are considered. The experiments were conducted on 16384 real-world Android Malware, and the experimental analysis demonstrates that standard image-based malware classifiers are vulnerable to simple perturbations attacks.
Assessing the Robustness of an Image-Based Malware Classifier with Smali Level Perturbations Techniques
Santone A.;Mercaldo F.
2022-01-01
Abstract
Signature-based approaches adopted by current antimalware have well-known problems. Although they can provide relatively fast and reliable detection of previously known threats, they are not able to catch new malware and also generalize their knowledge to different variants of the same known malware. Deep learning approaches have been adopted to address this problem, and one of the most promising attempts is based on the representation of malware as images. In order to understand whether these approaches can be effectively adopted in a real-world situation, we trained an image-based malware detector and evaluate its resilience when morphed samples are considered. The experiments were conducted on 16384 real-world Android Malware, and the experimental analysis demonstrates that standard image-based malware classifiers are vulnerable to simple perturbations attacks.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.