ATMPA: Attacking Machine Learning-based Malware Visualization Detection Methods via Adversarial Examples

Cryptography and Security 2020-01-01 v3

Abstract

As the threat of malicious software (malware) has grown increasingly serious, automatic malware detection techniques have received increasing attention, and machine learning (ML)-based visualization detection methods have become more and more popular. In this paper, we demonstrate that state-of-the-art ML-based visualization detection methods are vulnerable to Adversarial Example (AE) attacks. We develop a novel Adversarial Texture Malware Perturbation Attack (ATMPA) method based on gradient descent and L-norm optimization, in which attackers introduce tiny perturbations into the transformed dataset such that ML-based malware detection methods fail completely. Experimental results on the MS BIG malware dataset show that a small interference can reduce the accuracy rate to 0% for several ML-based detection methods, and that the rate of transferability is 74.1% on average.

Cite

@article{arxiv.1808.01546,
  title  = {ATMPA: Attacking Machine Learning-based Malware Visualization Detection Methods via Adversarial Examples},
  author = {Xinbo Liu and Jiliang Zhang and Yaping Lin and He Li},
  journal= {arXiv preprint arXiv:1808.01546},
  year   = {2020}
}

Comments

9 pages, 5 figures
