Automatically Evading Classifiers: A Case Study on PDF Malware Classifiers
Created by W.Langdon from
gp-bibliography.bib Revision:1.7975
@InProceedings{Xu:2016:NDSS,
  author = "Weilin Xu and Yanjun Qi and David Evans",
  title = "Automatically Evading Classifiers: A Case Study on
    {PDF} Malware Classifiers",
  booktitle = "The Network and Distributed System Security Symposium
    2016",
  year = "2016",
  editor = "Lujo Bauer and Karen O'Donoghue",
  address = "San Diego, USA",
  month = "21-24 " # feb,
  keywords = "genetic algorithms, genetic programming, genetic
    improvement",
  ISBN = "1-891562-41-X",
  URL = "http://evademl.org/",
  URL = "https://www.internetsociety.org/events/ndss-symposium-2016/ndss-2016-programme#session11",
  URL = "https://www.internetsociety.org/sites/default/files/blogs-media/automatically-evading-classifiers.pdf",
  size = "15 pages",
  abstract = "Machine learning is widely used to develop classifiers
    for security tasks. However, the robustness of these
    methods against motivated adversaries is uncertain. In
    this work, we propose a generic method to evaluate the
    robustness of classifiers under attack. The key idea is
    to stochastically manipulate a malicious sample to find
    a variant that preserves the malicious behaviour but is
    classified as benign by the classifier. We present a
    general approach to search for evasive variants and
    report on results from experiments using our techniques
    against two PDF malware classifiers, PDFrate and
    Hidost. Our method is able to automatically find evasive
    variants for all of the 500 malicious seeds in our
    study. Our results suggest a general method for
    evaluating classifiers used in security applications,
    and raise serious doubts about the effectiveness of
    classifiers based on superficial features in the
    presence of adversaries.",
  notes = "https://www.internetsociety.org/events/ndss-symposium-2016",
}