• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)
Menu

A Method for Generating Malware Countermeasure Samples Based on Pixel Attention Mechanism

Vol. 18, No. 2, February 29, 2024
10.3837/tiis.2024.02.010, Download Paper (Free):

Abstract

With information technology's rapid development, the Internet faces serious security problems. Studies have shown that malware has become a primary means of attacking the Internet. Therefore, adversarial samples have become a vital breakthrough point for studying malware. By studying adversarial samples, we can gain insights into the behavior and characteristics of malware, evaluate the performance of existing detectors in the face of deceptive samples, and help to discover vulnerabilities and improve detection methods for better performance. However, existing adversarial sample generation methods still need help regarding escape effectiveness and mobility. For instance, researchers have attempted to incorporate perturbation methods like Fast Gradient Sign Method (FGSM), Projected Gradient Descent (PGD), and others into adversarial samples to obfuscate detectors. However, these methods are only effective in specific environments and yield limited evasion effectiveness. To solve the above problems, this paper proposes a malware adversarial sample generation method (PixGAN) based on the pixel attention mechanism, which aims to improve adversarial samples' escape effect and mobility. The method transforms malware into grey-scale images and introduces the pixel attention mechanism in the Deep Convolution Generative Adversarial Networks (DCGAN) model to weigh the critical pixels in the grey-scale map, which improves the modeling ability of the generator and discriminator, thus enhancing the escape effect and mobility of the adversarial samples. The escape rate (ASR) is used as an evaluation index of the quality of the adversarial samples. The experimental results show that the adversarial samples generated by PixGAN achieve escape rates of 97%, 94%, 35%, 39%, and 43% on the Random Forest (RF), Support Vector Machine (SVM), Convolutional Neural Network (CNN), Convolutional Neural Network and Recurrent Neural Network (CNN_RNN), and Convolutional Neural Network and Long Short Term Memory (CNN_LSTM) algorithmic detectors, respectively.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
X. Ma, Y. Zhao, Y. Feng, Y. Hu, "A Method for Generating Malware Countermeasure Samples Based on Pixel Attention Mechanism," KSII Transactions on Internet and Information Systems, vol. 18, no. 2, pp. 456-477, 2024. DOI: 10.3837/tiis.2024.02.010.

[ACM Style]
Xiangyu Ma, Yuntao Zhao, Yongxin Feng, and Yutao Hu. 2024. A Method for Generating Malware Countermeasure Samples Based on Pixel Attention Mechanism. KSII Transactions on Internet and Information Systems, 18, 2, (2024), 456-477. DOI: 10.3837/tiis.2024.02.010.

[BibTeX Style]
@article{tiis:90558, title="A Method for Generating Malware Countermeasure Samples Based on Pixel Attention Mechanism", author="Xiangyu Ma and Yuntao Zhao and Yongxin Feng and Yutao Hu and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2024.02.010}, volume={18}, number={2}, year="2024", month={February}, pages={456-477}}

Unified Search
(in title, author, abstract, and keywords)

Category Search

KSII Transactions on Internet and Information Systems
© 2007~Present, KSII. All Rights Reserved.