信息网络安全 ›› 2020, Vol. 20 ›› Issue (11): 51-58.doi: 10.3969/j.issn.1671-1122.2020.11.007

• 技术研究 • 上一篇    下一篇

基于WGAN的移动恶意对抗样本生成研究

李红娇, 陈红艳()   

  1. 上海电力大学计算机科学与技术学院,上海 201306
  • 收稿日期:2020-09-21 出版日期:2020-11-10 发布日期:2020-12-31
  • 通讯作者: 陈红艳 E-mail:15000388434@163.com
  • 作者简介:李红娇(1974—),女,河南,副教授,博士,主要研究方向为信息系统安全、隐私保护以及入侵检测等|陈红艳(1995—),女,安徽,硕士研究生,主要研究方向为信息安全
  • 基金资助:
    国家自然科学基金(61403247);国家自然科学基金(61702321);上海市信息安全综合管理技术研究重点实验室开放课题(AGK2015005);上海市科委地方能力建设项目(15110500700)

Research on Mobile Malicious Adversarial Sample Generation Based on WGAN

LI Hongjiao, CHEN Hongyan()   

  1. School of Computer Science and Technology, Shanghai Electric Power University, Shanghai 201306, China
  • Received:2020-09-21 Online:2020-11-10 Published:2020-12-31
  • Contact: CHEN Hongyan E-mail:15000388434@163.com

摘要:

近年来,利用机器学习算法进行移动终端恶意软件的检测已成为研究热点,而恶意软件制作者为了使恶意软件能够逃避检测,采用各种方法来制作恶意对抗样本。文章提出一种基于Wasserstein GAN(WGAN)的算法MalWGAN来生成移动终端恶意对抗样本,使其能够绕过基于机器学习算法的黑盒模型检测器来逃避检测。与现有基于静态梯度方法生成的对抗样本不同,MalWGAN模型结合了API调用和静态特征来生成对抗样本。由于对抗样本是由黑盒模型检测器的反馈动态生成的,因此逃避黑盒模型检测器检测的概率更高。

关键词: 对抗样本, WGAN, 检测逃避

Abstract:

In recent years, using machine learning algorithm to detect mobile terminal malware has become a research hotspot. In order to make the malware evade detection, malware producers use various methods to make malicious adversarial samples. This paper proposes an algorithm MalWGAN based on Wasserstein GAN (WGAN) to generate mobile terminal malicious adversarial samples, which can bypass the black box model detector based on machine learning algorithms to evade detection. Different from the existing adversarial samples generated by static gradient methods, the MalWGAN model combines API calls and static features to generate adversarial samples. Since adversarial samples are dynamically generated by the feedback of the black box model detector, the probability of escaping from the detection of the black box model detector is higher.

Key words: adversarial sample, WGAN, evasion of detection

中图分类号: