IIoT Deep Malware Threat Hunting: From Adversarial Example Detection to Adversarial Scenario Detection

Bardia Esmaeili, Amin Azmoodeh, Ali Dehghantanha, Behrouz Zolfaghari, Hadis Karimipour, Mohammad Hammoudeh

Research output: Article (peer-reviewed)

Abstract

Protecting widely-used deep classifiers against black-box adversarial attacks is a recent research challenge in many security-related areas, including malware classification. This class of attacks relies on optimizing a sequence of highly similar queries to bypass given classifiers. In this paper, we leverage this property and propose a history-based method named Stateful Query Analysis (SQA), which analyzes sequences of queries received by a malware classifier to detect black-box adversarial attacks on an Industrial Internet of Things (IIoT). In the SQA pipeline, there are two components, namely the similarity encoder and the classifier, both based on Convolutional Neural Networks (CNNs). Unlike state-of-the-art methods, which aim to identify individual adversarial examples, tracking the history of queries allows our method to identify adversarial scenarios and abort attacks before their completion. We optimize SQA using different combinations of hyperparameters on an ARM-based IIoT malware dataset, widely adopted for malware threat hunting in Industry 4.0.

Original language: English
Journal: IEEE Transactions on Industrial Informatics
Publication status: Accepted/In press - 2022

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Information Systems
  • Computer Science Applications
  • Electrical and Electronic Engineering
