Mal2GCN: a robust malware detection approach using deep graph convolutional networks with non-negative weights

IF 1.5 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Computer Virology and Hacking Techniques Pub Date : 2023-09-27 DOI:10.1007/s11416-023-00498-7

Omid Kargarnovin, Amir Mahdi Sadeghzadeh, Rasool Jalili

{"title":"Mal2GCN: a robust malware detection approach using deep graph convolutional networks with non-negative weights","authors":"Omid Kargarnovin, Amir Mahdi Sadeghzadeh, Rasool Jalili","doi":"10.1007/s11416-023-00498-7","DOIUrl":null,"url":null,"abstract":"With the growing use of Deep Learning (DL) to tackle various problems, securing these models against adversaries has become a primary concern for researchers. Recent studies have shown that DL-based malware detectors are vulnerable to adversarial examples. An adversary can create carefully crafted adversarial examples to evade DL-based malware detectors. In this paper, we propose Mal2GCN, a robust malware detection model that uses Function Call Graph (FCG) representation of executable files combined with Graph Convolution Network (GCN) to detect Windows malware. Since the FCG representation of executable files is more robust than the raw byte sequence representation, numerous proposed adversarial example generating methods are ineffective in evading Mal2GCN. Moreover, we use the non-negative training method to transform Mal2GCN into a monotonically non-decreasing function; thereby, making it theoretically robust against appending attacks. Besides, experimental results on a collected dataset of PE executables demonstrate that Mal2GCN can detect malware with 98.15% accuracy, outperforming its counterparts. We then present a black-box source code-based adversarial malware generation approach that can be used to evaluate the robustness of malware detection models against real-world adversaries. This approach injects adversarial code into various locations of malware source code, aiming to evade malware detection models. The experiments indicate that Mal2GCN with non-negative weights achieves high accuracy in detecting Windows malware while also exhibiting robustness against adversarial attacks that add benign features to the malware source code.","PeriodicalId":15545,"journal":{"name":"Journal of Computer Virology and Hacking Techniques","volume":null,"pages":null},"PeriodicalIF":1.5000,"publicationDate":"2023-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computer Virology and Hacking Techniques","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s11416-023-00498-7","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 4

Abstract

With the growing use of Deep Learning (DL) to tackle various problems, securing these models against adversaries has become a primary concern for researchers. Recent studies have shown that DL-based malware detectors are vulnerable to adversarial examples. An adversary can create carefully crafted adversarial examples to evade DL-based malware detectors. In this paper, we propose Mal2GCN, a robust malware detection model that uses Function Call Graph (FCG) representation of executable files combined with Graph Convolution Network (GCN) to detect Windows malware. Since the FCG representation of executable files is more robust than the raw byte sequence representation, numerous proposed adversarial example generating methods are ineffective in evading Mal2GCN. Moreover, we use the non-negative training method to transform Mal2GCN into a monotonically non-decreasing function; thereby, making it theoretically robust against appending attacks. Besides, experimental results on a collected dataset of PE executables demonstrate that Mal2GCN can detect malware with 98.15% accuracy, outperforming its counterparts. We then present a black-box source code-based adversarial malware generation approach that can be used to evaluate the robustness of malware detection models against real-world adversaries. This approach injects adversarial code into various locations of malware source code, aiming to evade malware detection models. The experiments indicate that Mal2GCN with non-negative weights achieves high accuracy in detecting Windows malware while also exhibiting robustness against adversarial attacks that add benign features to the malware source code.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Mal2GCN:一种鲁棒的恶意软件检测方法，使用非负权重的深度图卷积网络

随着深度学习(DL)越来越多地用于解决各种问题，保护这些模型免受攻击已成为研究人员的主要关注点。最近的研究表明，基于dl的恶意软件检测器容易受到对抗性示例的攻击。攻击者可以创建精心设计的对抗性示例来逃避基于dl的恶意软件检测器。在本文中，我们提出了Mal2GCN，这是一个鲁棒的恶意软件检测模型，它使用可执行文件的函数调用图(FCG)表示结合图卷积网络(GCN)来检测Windows恶意软件。由于可执行文件的FCG表示比原始字节序列表示更健壮，因此许多提出的对抗性示例生成方法在逃避Mal2GCN方面是无效的。此外，我们使用非负训练方法将Mal2GCN转化为单调非递减函数;因此，使其在理论上对附加攻击具有鲁棒性。此外，在收集的PE可执行文件数据集上的实验结果表明，Mal2GCN检测恶意软件的准确率为98.15%，优于同类软件。然后，我们提出了一种基于黑盒源代码的对抗性恶意软件生成方法，可用于评估恶意软件检测模型对现实世界对手的鲁棒性。该方法将对抗性代码注入恶意软件源代码的各个位置，旨在逃避恶意软件检测模型。实验表明，非负权重的Mal2GCN在检测Windows恶意软件时达到了很高的准确性，同时也表现出对恶意软件源代码添加良性特征的对抗性攻击的鲁棒性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Computer Virology and Hacking Techniques COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

4.00

自引率

13.30%

发文量

期刊介绍： The field of computer virus prevention has rapidly taken an important position in our technological and information society. Viral attacks increase year after year, and antiviral efforts continually face new challenges. Beneficial applications of technologies based on scientific computer virology are still very limited. The theoretical aspects of the virus problem are only rarely considered, although many interesting and important open problems still exist. Little proactive research is focused on predicting the future of viral attacks.The Journal of Computer Virology and Hacking Techniques is an independent scientific and technical journal dedicated to viral and antiviral computer technologies. Both theoretical and experimental aspects will be considered; papers emphasizing the theoretical aspects are especially welcome. The topics covered by this journal include, but are certainly not limited to:- Mathematical aspects and theoretical fundamentals of computer virology - Algorithmics and computer virology - Computer immunology and biological models for computers - Reverse engineering (hardware and software) - Viral and antiviral technologies - Cryptology and steganography tools and techniques - Applications in computer virology - Virology and IDS - Hardware hacking, and free and open hardware - Operating system, network, and embedded systems security - Social engineeringIn addition, since computational problems are of practical interest, papers on the computational aspects of computer virology are welcome. It is expected that the areas covered by this journal will change as new technologies, methodologies, challenges and applications develop. Hacking involves understanding technology intimately and in depth in order to use it in an operational way. Hackers are complementary to academics in that they favour the result over the methods and over the theory, while academics favour the formalization and the methods -- explaining is not operating and operating is not explaining. The aim of the journal in this respect is to build a bridge between the two communities for the benefit of technology and science.The aim of the Journal of Computer Virology and Hacking Techniques is to promote constructive research in computer virology by publishing technical and scientific results related to this research area. Submitted papers will be judged primarily by their content, their originality and their technical and scientific quality. Contributions should comprise novel and previously unpublished material.However, prior publication in conference proceedings of an abstract, summary, or other abbreviated, preliminary form of the material should not preclude publication in this journal when notice of such prior or concurrent publication is given with the submission. In addition to full-length theoretical and technical articles, short communications or notes are acceptable. Survey papers will be accepted with a prior invitation only. Special issues devoted to a single topic are also planned.The policy of the journal is to maintain strict refereeing procedures, to perform a high quality peer-review of each submitted paper, and to send notification to the author(s) with as short a delay as possible. Accepted papers will normally be published within one year of submission at the latest. The journal will be published four times a year. Note: As far as new viral techniques are concerned, the journal strongly encourages authors to consider algorithmic aspects rather than the actual source code of a particular virus. Nonetheless, papers containing viral source codes may be accepted provided that a scientific approach is maintained and that inclusion of the source code is necessary for the presentation of the research. No paper containing a viral source code will be considered or accepted unless the complete source code is communicated to the Editor-in-Chief. No publication will occur before antiviral companies receive this source code to update/upgrade their products.The final objective is, once again, proactive defence.This journal was previously known as Journal in Computer Virology. It is published by Springer France.