Attacking deep learning-based anti-malware engines

MPhil Thesis Defence


Title: "Attacking deep learning-based anti-malware engines"

By

Mr. Wai Kin WONG


Abstract

Graph neural networks (GNNs) have achieved major success in solving 
challenging tasks in malware analysis, social network analysis, molecular 
networks, image classification, text comprehension, and other pattern 
analysis tasks. Despite the prosperous development of GNNs, recent research 
has demonstrated the feasibility of exploiting GNNs using adversarial 
examples, in which a small distortion is added to the input data to 
dramatically mislead the predictions of GNN models.

In this research, we present an attack that applies perturbations to 
the control flow structure of an executable to deceive GNN-based software 
similarity analysis tools. Unlike prior attacks, which mostly change 
non-functional code components, our approach proposes the design of 
several semantics-preserving manipulations applied directly to the control 
flow graph of a software executable, thus making it particularly effective 
at deceiving GNNs. To speed up the process, we design a framework that 
leverages gradient-based or hill climbing-based optimizations to generate 
adversarial examples in both white-box and black-box settings. We 
evaluated our attack against two de facto GNN-based software similarity 
analysis tools, ASM2VEC and ncc, and achieved reasonably high success rates. 
Furthermore, our attack toward an industrial-strength similarity analyzer, 
BinaryAI, shows that the proposed attack can fool remote APIs in 
challenging black-box settings with a success rate of over 92.0%.


Date:  			Wednesday, 28 July 2021

Time:			2:00pm - 4:00pm

Zoom meeting: 
https://hkust.zoom.us/j/96627832241?pwd=RjZTam5HNEZOSHA4b2greWJHek4wUT09

Committee Members:	Dr. Shuai Wang (Supervisor)
 			Dr. Dimitris Papadopoulos (Chairperson)
 			Dr. Lionel Parreaux


**** ALL are Welcome ****