Original Text Information
Abstract
English
Recently, machine learning-based visualization approaches have been proposed to combat the problem of malware detection. Unfortunately, these techniques are exposed to adversarial examples. Adversarial examples are noise that can deceive a deep learning based malware detection network such that the malware becomes unrecognizable. To address the shortcomings of these approaches, we present a denoising technique based on the Block-matching and 3D filtering (BM3D) algorithm and deep image prior to defend against adversarial examples on visualization-based malware detection systems. The BM3D based denoising method eliminates most of the adversarial noise. After that, the deep image prior based denoising removes the remaining subtle noise. Experimental results on the MS BIG malware dataset and benign samples show that the proposed denoising based defense recovers the performance of the adversarially attacked CNN model for malware detection to some extent.
Table of Contents
1. Introduction
2. Related Works
3. Adversarial Attack on Malware detecting Convolutional Neural Network
3.1 Visualization
3.2 ML-based malware visualization detection approach
3.3 Generation of Adversarial Examples
4. Denoising based Adversarial Defense for Malware Detection Neural Network
5. Experiments
5.1 Dataset
5.2 Experimental Setup
5.3 Results and Discussion
6. Conclusion
Acknowledgement
References