FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4328101204> ?p ?o ?g. }

• W4328101204 endingPage "103192" @default.
• W4328101204 startingPage "103192" @default.
• W4328101204 abstract "Model stealing attacks have been successfully used in many machine learning domains, but there is little understanding of how these attacks work against models that perform malware detection. Malware detection and, in general, security domains have unique conditions. In particular, there are very strong requirements for low false positive rates (FPR). Antivirus products (AVs) that use machine learning are very complex systems to steal, malware binaries continually change, and the whole environment is adversarial by nature. This study evaluates active learning model stealing attacks against publicly available stand-alone machine learning malware classifiers and also against antivirus products. The study proposes a new neural network architecture for surrogate models (dualFFNN) and a new model stealing attack that combines transfer and active learning for surrogate creation (FFNN-TL). We achieved good surrogates of the stand-alone classifiers with up to 99% agreement with the target models, using less than 4% of the original training dataset. Good surrogates of AV systems were also trained with up to 99% agreement and less than 4,000 queries. The study uses the best surrogates to generate adversarial malware to evade the target models, both stand-alone and AVs (with and without an internet connection). Results show that surrogate models can generate adversarial malware that evades the targets but with a lower success rate than directly using the target models to generate adversarial malware. Using surrogates, however, is still a good option since using the AVs for malware generation is highly time-consuming and easily detected when the AVs are connected to the internet." @default.
• W4328101204 created "2023-03-22" @default.
• W4328101204 creator A5069661560 @default.
• W4328101204 creator A5083294162 @default.
• W4328101204 date "2023-06-01" @default.
• W4328101204 modified "2023-10-16" @default.
• W4328101204 title "Stealing and evading malware classifiers and antivirus at low false positive conditions" @default.
• W4328101204 cites W2104094955 @default.
• W4328101204 cites W2949071206 @default.
• W4328101204 cites W3015481738 @default.
• W4328101204 cites W3041133507 @default.
• W4328101204 cites W3105676597 @default.
• W4328101204 cites W3164220323 @default.
• W4328101204 cites W3208420335 @default.
• W4328101204 cites W4288072399 @default.
• W4328101204 doi "https://doi.org/10.1016/j.cose.2023.103192" @default.
• W4328101204 hasPublicationYear "2023" @default.
• W4328101204 type Work @default.
• W4328101204 citedByCount "1" @default.
• W4328101204 countsByYear W43281012042023 @default.
• W4328101204 crossrefType "journal-article" @default.
• W4328101204 hasAuthorship W4328101204A5069661560 @default.
• W4328101204 hasAuthorship W4328101204A5083294162 @default.
• W4328101204 hasBestOaLocation W43281012042 @default.
• W4328101204 hasConcept C119857082 @default.
• W4328101204 hasConcept C154945302 @default.
• W4328101204 hasConcept C37736160 @default.
• W4328101204 hasConcept C38652104 @default.
• W4328101204 hasConcept C41008148 @default.
• W4328101204 hasConcept C541664917 @default.
• W4328101204 hasConcept C95922358 @default.
• W4328101204 hasConceptScore W4328101204C119857082 @default.
• W4328101204 hasConceptScore W4328101204C154945302 @default.
• W4328101204 hasConceptScore W4328101204C37736160 @default.
• W4328101204 hasConceptScore W4328101204C38652104 @default.
• W4328101204 hasConceptScore W4328101204C41008148 @default.
• W4328101204 hasConceptScore W4328101204C541664917 @default.
• W4328101204 hasConceptScore W4328101204C95922358 @default.
• W4328101204 hasFunder F4320309480 @default.
• W4328101204 hasFunder F4320334253 @default.
• W4328101204 hasLocation W43281012041 @default.
• W4328101204 hasLocation W43281012042 @default.
• W4328101204 hasLocation W43281012043 @default.
• W4328101204 hasOpenAccess W4328101204 @default.
• W4328101204 hasPrimaryLocation W43281012041 @default.
• W4328101204 hasRelatedWork W2968586400 @default.
• W4328101204 hasRelatedWork W3045279525 @default.
• W4328101204 hasRelatedWork W3046843850 @default.
• W4328101204 hasRelatedWork W3197643498 @default.
• W4328101204 hasRelatedWork W3211751213 @default.
• W4328101204 hasRelatedWork W3216063557 @default.
• W4328101204 hasRelatedWork W3217564040 @default.
• W4328101204 hasRelatedWork W4296991884 @default.
• W4328101204 hasRelatedWork W4312707592 @default.
• W4328101204 hasRelatedWork W4382173550 @default.
• W4328101204 hasVolume "129" @default.
• W4328101204 isParatext "false" @default.
• W4328101204 isRetracted "false" @default.
• W4328101204 workType "article" @default.