http://dx.doi.org/10.13089/JKIISC.2022.32.5.997

A Study on Robustness Evaluation and Improvement of AI Model for Malware Variation Analysis  

Lee, Eun-gyu (Hoseo University)
Jeong, Si-on (Hoseo University)
Lee, Hyun-woo (Hoseo University)
Lee, Tea-jin (Hoseo University)
Abstract
Today, AI (Artificial Intelligence) technology is being extensively researched in various fields, including malware detection. For AI systems to be introduced into roles that protect important decisions and resources, the AI model must be reliable. An AI model that depends on its training dataset should be verified to be robust against new attacks. Rather than generating new malware, attackers find malware that succeeds in attacking by mass-producing variants of previously detected malware. Most attacks that lead AI models to misclassify, such as adversarial attacks, are made by slightly modifying past attacks. Robust models that can defend against these variants are needed, and the robustness level of a model cannot be evaluated with accuracy and recall, which are widely used as AI evaluation indicators. In this paper, we experiment with a framework that evaluates the robustness level by generating adversarial samples based on one adversarial attack, the C&W attack, and improves the robustness level through adversarial training. Through experiments on a malware dataset, this study confirmed the limitations and possibilities of the proposed method in the field of malware detection.
Keywords
artificial intelligence; robustness; adversarial attack;