Evasion attacks against statistical code obfuscation detectors

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

抄録

In the domain of information security, code obfuscation is a feature often employed for malicious purposes. For example there have been quite a few papers reporting that obfuscated JavaScript frequently comes with malicious functionality such as redirecting to external malicious websites. In order to capture such obfuscation, a class of detectors based on statistical features of code, mostly n-grams have been proposed and been claimed to achieve high detection accuracy. In this paper, we formalize a common scenario between defenders who maintain the statistical obfuscation detectors and adversaries who want to evade the detection. Accordingly, we create two kinds of evasion attack methods and evaluate the robustness of statistical detectors under such attacks. Experimental results show that statistical obfuscation detectors can be easily fooled by a sophisticated adversary even in worst case scenarios.

本文言語英語
ホスト出版物のタイトルAdvances in Information and Computer Security - 12th International Workshop on Security, IWSEC 2017, Proceedings
編集者Satoshi Obana, Koji Chida
出版社Springer Verlag
ページ121-137
ページ数17
ISBN(印刷版)9783319641997
DOI
出版ステータス出版済み - 2017
イベント12th International Workshop on Security, IWSEC 2017 - Hiroshima, 日本
継続期間: 8 30 20179 1 2017

出版物シリーズ

名前Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
10418 LNCS
ISSN(印刷版)0302-9743
ISSN(電子版)1611-3349

その他

その他12th International Workshop on Security, IWSEC 2017
国/地域日本
CityHiroshima
Period8/30/179/1/17

All Science Journal Classification (ASJC) codes

  • 理論的コンピュータサイエンス
  • コンピュータ サイエンス(全般)

フィンガープリント

「Evasion attacks against statistical code obfuscation detectors」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル