Towards Building Active Defense Systems for Software Applications

Over the last few years, cyber attacks have become increasingly sophisticated. PDF malware – a continuously effective method of attack due to the difficulty of classifying malicious files – is a popular target of study within the field of machine learning for cybersecurity. The obstacles to using machine learning are many: attack patterns change over time as attackers change their behavior (sometimes automatically), and application security systems are deployed in a highly resource-constrained environments, meaning that an accurate but time-consuming machine learning cannot be deployed.

[1]  Yizheng Chen,et al.  Practical Attacks Against Graph-based Clustering , 2017, CCS.

[2]  Angelos D. Keromytis,et al.  Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[3]  Kalyan Veeramachaneni,et al.  AI^2: Training a Big Data Machine to Defend , 2016, 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS).

[4]  J. Doug Tygar,et al.  Evasion and Hardening of Tree Ensemble Classifiers , 2015, ICML.

[5]  Joung Woo Ryu,et al.  'Security Theater': On the Vulnerability of Classifiers to Exploratory Attacks , 2017, PAISI.

[6]  Ying Tan,et al.  Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN , 2017, DMBD.

[7]  Lior Rokach,et al.  Generic Black-Box End-to-End Attack against RNNs and Other API Calls Based Malware Classifiers , 2017, ArXiv.

[8]  Angelos Stavrou,et al.  When a Tree Falls: Using Diversity in Ensemble Classifiers to Identify Evasion in Malware Detectors , 2016, NDSS.

[9]  Mehmed M. Kantardzic,et al.  Data Driven Exploratory Attacks on Black Box Classifiers in Adversarial Domains , 2017, Neurocomputing.

[10]  Giorgio Giacinto,et al.  Looking at the bag is not enough to find the bomb: an evasion of structural methods for malicious PDF files detection , 2013, ASIA CCS '13.

[11]  Angelos D. Keromytis,et al.  SFADiff: Automated Evasion Attacks and Fingerprinting Using Black-box Differential Automata Learning , 2016, CCS.

[12]  Arun Ross,et al.  ATM: A distributed, collaborative, scalable system for automated machine learning , 2017, 2017 IEEE International Conference on Big Data (Big Data).

[13]  Salvatore J. Stolfo,et al.  A Study of Malcode-Bearing Documents , 2007, DIMVA.

[14]  Hung Dang,et al.  Evading Classifiers by Morphing in the Dark , 2017, CCS.

[15]  Fabio Roli,et al.  Evasion Attacks against Machine Learning at Test Time , 2013, ECML/PKDD.

[16]  Yanjun Qi,et al.  Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers , 2016, NDSS.

[17]  Angelos Stavrou,et al.  Malicious PDF detection using metadata and structural features , 2012, ACSAC '12.

[18]  Pavel Laskov,et al.  Practical Evasion of a Learning-Based Classifier: A Case Study , 2014, 2014 IEEE Symposium on Security and Privacy.

[19]  Lior Rokach,et al.  Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers , 2017, RAID.

[20]  Radha Poovendran,et al.  Attacking Automatic Video Analysis Algorithms: A Case Study of Google Cloud Video Intelligence API , 2017, MPS@CCS.

[21]  Liang Tong,et al.  Feature Conservation in Adversarial Classifier Evasion: A Case Study , 2017, ArXiv.