BMOP: Bidirectional Universal Adversarial Learning for Binary OpCode Features
Joint Authors
Wang, Zhi
Li, Xiang
Nie, Yuanping
Kuang, Xiaohui
Qiu, Kefan
Qian, Cheng
Zhao, Gang
Source
Wireless Communications and Mobile Computing
Issue
Vol. 2020, Issue 2020 (31 Dec. 2020), pp.1-11, 11 p.
Publisher
Hindawi Publishing Corporation
Publication Date
2020-12-03
Country of Publication
Egypt
No. of Pages
11
Main Subjects
Information Technology and Computer Science
Abstract EN
For malware detection, current state-of-the-art research concentrates on machine learning techniques.
Binary n-gram OpCode features are commonly used for malicious code identification and classification with high accuracy.
Binary OpCode modification is much more difficult than modification of image pixels.
Traditional adversarial perturbation methods could not be applied to OpCode directly.
In this paper, we propose a bidirectional universal adversarial learning method for effective binary OpCode perturbation from both benign and malicious perspectives.
Benign features are those OpCodes that represent benign behaviours, while malicious features are OpCodes for malicious behaviours.
From a large dataset of benign and malicious binary applications, we select the most significant benign and malicious OpCode features based on the feature SHAP value in the trained machine learning model.
We implement an OpCode modification method that inserts benign OpCodes into executables as garbage code without execution and modifies malicious OpCodes by equivalent replacement, preserving execution semantics.
The experimental results show that the benign and malicious OpCode perturbation (BMOP) method could bypass malicious code detection models based on the SVM, XGBoost, and DNN algorithms.
American Psychological Association (APA)
Li, Xiang & Nie, Yuanping & Wang, Zhi & Kuang, Xiaohui & Qiu, Kefan & Qian, Cheng…[et al.]. 2020. BMOP: Bidirectional Universal Adversarial Learning for Binary OpCode Features. Wireless Communications and Mobile Computing, Vol. 2020, no. 2020, pp.1-11.
https://search.emarefa.net/detail/BIM-1214831
Modern Language Association (MLA)
Li, Xiang…[et al.]. BMOP: Bidirectional Universal Adversarial Learning for Binary OpCode Features. Wireless Communications and Mobile Computing No. 2020 (2020), pp.1-11.
https://search.emarefa.net/detail/BIM-1214831
American Medical Association (AMA)
Li, Xiang & Nie, Yuanping & Wang, Zhi & Kuang, Xiaohui & Qiu, Kefan & Qian, Cheng…[et al.]. BMOP: Bidirectional Universal Adversarial Learning for Binary OpCode Features. Wireless Communications and Mobile Computing. 2020. Vol. 2020, no. 2020, pp.1-11.
https://search.emarefa.net/detail/BIM-1214831
Data Type
Journal Articles
Language
English
Notes
Includes bibliographical references
Record ID
BIM-1214831