Adversarially Reprogramming Pretrained Neural Networks for Data-limited and Cost-efficient Malware Detection

Lingwei Chen, Xiaoting Li, Dinghao Wu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

To mitigate evolving malware attacks, machine learning models have been successfully deployed to detect malware. However, these models are often challenged by data scarcity, design efforts and constrained resources. Inspired by the adversarial vulnerability of machine learning, in this paper, we design a novel model Adv4Mal to adversarially reprogram an ImageNet classification neural network for malware detection in both white-box and black-box settings. As such, a small or moderate amount of data are sufficient to train a promising malware detection model, the varying software features can be uniformly processed without extra efforts, and the majority of computation can be wisely shared and reused to save the resources. This, to the best of our knowledge, has not yet been explored. Specifically, Adv4Mal proceeds by embedding software features into a host image to construct new data, and learning a universal perturbation to be added to all inputs in an imperceptible manner, such that the outputs of the pretrained model can be accordingly mapped to the final detection decisions for all software. We evaluate Adv4Mal on three software datasets. The experimental results demonstrate that Adv4Mal can successfully exploit ImageNet model’s learning capability and limited data to achieve high performance in malware detection, and also yield significant advantages of model flexibility to different features, and cost efficiency in computing resources.

Original languageEnglish (US)
Title of host publicationProceedings of the 2022 SIAM International Conference on Data Mining, SDM 2022
PublisherSociety for Industrial and Applied Mathematics Publications
Pages693-701
Number of pages9
ISBN (Electronic)9781611977172
StatePublished - 2022
Event2022 SIAM International Conference on Data Mining, SDM 2022 - Virtual, Online
Duration: Apr 28 2022Apr 30 2022

Publication series

NameProceedings of the 2022 SIAM International Conference on Data Mining, SDM 2022

Conference

Conference2022 SIAM International Conference on Data Mining, SDM 2022
CityVirtual, Online
Period4/28/224/30/22

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Software

Fingerprint

Dive into the research topics of 'Adversarially Reprogramming Pretrained Neural Networks for Data-limited and Cost-efficient Malware Detection'. Together they form a unique fingerprint.

Cite this