Toward an Effective Black-Box Adversarial Attack on Functional JavaScript Malware against Commercial Anti-Virus


Research area: Strategies



Conference: CIKM '21: Proceedings of the 30th ACM International Conference on Information & Knowledge Management


Abstract

Machine learning has been a rising technique in signatureless malware detection and is popular in the anti-virus industry. Despite the powerful ability of machine learning, it is known to be vulnerable to attacks that inject specially crafted input noise (adversarial examples). In this paper, we develop a systematic attack method that is effective, general and also efficient, and that automatically generates functional malware. Experiment results showed that such adversarial malware could deceive commercial anti-virus and completely defeat the learning-based malware detector provided by a well-known anti-virus vendor. We further examine the effectiveness of our approach on multiple anti-virus engines on VirusTotal and investigate the transferability of our proposed method between different features and classification algorithms. Finally, we show how our attack could resist JavaScript de-obfuscation techniques.


Authors

Yunda Tsai, National Taiwan University, Taipei, Taiwan, ROC

Chengkuan Chen, National Taiwan University, Taipei, Taiwan, ROC

Shou-De Lin, National Taiwan University, Taipei, Taiwan, ROC

📄 Paper information

Publication year: 2021
Citations: 1
Country of publication: Taiwan
Site: ACM