

amsqr at MLSEC-2021: Thwarting Adversarial Malware Evasion with a Defense-in-Depth
This paper describes the author's participation in the 3rd edition of the Machine Learning Security Evasion Competition (MLSEC-2021) sponsored by CUJO AI, VM-Ray, MRG-Effitas, Nvidia and Microsoft. As in the previous year, the goal was not only to develop measures against adversarial attacks on a pre-defined set of malware samples but also to find ways of bypassing other teams' defenses in a simulated cloud environment. The submitted solutions were ranked second in both defender and attacker tracks.
Malware detection, MLSEC, Adversarial machine learning, Static malware detection