ELAMD: An ensemble learning framework for adversarial malware defense

Jiaqi Chen, Chong Yuan, Jiashuo Li, Donghai Tian*, Rui Ma, Xiaoqi Jia

*此作品的通讯作者

科研成果: 期刊稿件文章同行评审

5 引用 (Scopus)

摘要

Machine learning-based methods have been widely used in malware detection. However, recent studies show that models based on machine learning (or deep learning) are vulnerable to adversarial attacks. For example, slight perturbation to input can cause the models to produce false detection results with high confidence. Although some research efforts have been made to defend against adversarial attacks, the existing methods suffer from limitations in terms of detection accuracy and labeling cost. To address this problem, we propose an ensemble learning framework for Windows malware adversarial defense that contains two methods. The first one is an adversarial sample detection method to defeat specific adversarial attacks. This method takes malware features into groups and uses ensemble learning to detect the adversarial sample. The second one is an anomaly detection method to defend against agnostic adversarial attacks. This method regards adversarial samples as outliers and utilizes unsupervised and semi-supervised learning to construct anomaly detection models. We use the adversarial defense methods proposed as supplementary modules to the original malware detection models. Experiments show that our methods can improve malware detection model robustness against adversarial attacks. Moreover, comparison experiments indicate that our methods outperform traditional adversarial training by about 11% on detection accuracy.

源语言英语
文章编号103508
期刊Journal of Information Security and Applications
75
DOI
出版状态已出版 - 6月 2023

指纹

探究 'ELAMD: An ensemble learning framework for adversarial malware defense' 的科研主题。它们共同构成独一无二的指纹。

引用此