SoK: Arms Race in Adversarial Malware Detection
release_ijpd6gdu6bcatcsirmbdjnnujy
by
Deqiang Li, Qianmu Li, Yanfang Ye, Shouhuai Xu
2020
Abstract
Malicious software (malware) is a major cyber threat that shall be tackled
with Machine Learning (ML) techniques because millions of new malware examples
are injected into cyberspace on a daily basis. However, ML is known to be
vulnerable to attacks known as adversarial examples. In this SoK paper, we
systematize the field of Adversarial Malware Detection (AMD) through the lens
of a unified framework of assumptions, attacks, defenses and security
properties. This not only guides us to map attacks and defenses into some
partial order structures, but also allows us to clearly describe the
attack-defense arms race in the AMD context. In addition to manually drawing
insights, we also propose using ML to draw insights from the systematized
representation of the literature. Examples of the insights are: knowing the
defender's feature set is critical to the attacker's success; attack tactic (as
a core part of the threat model) largely determines what security property of a
malware detector can be broken; there is currently no silver bullet defense
against evasion attacks or poisoning attacks; defense tactic largely determines
what security properties can be achieved by a malware detector; knowing
attacker's manipulation set is critical to defender's success; ML is an
effective method for insights learning in SoK studies. These insights shed
light on future research directions.
Archived Files and Locations
application/pdf 1.4 MB
file_y7cs27atnbgarnj6rpxiarv5wy
arxiv.org (repository), web.archive.org (webarchive)
2005.11671v2