TL;DR
This paper introduces a novel method to covertly embed malware within neural network models, enabling stealthy delivery without affecting model performance or detection by antivirus tools.
Contribution
It presents a new technique for embedding malware in neural networks that remains undetectable and preserves model accuracy, highlighting security risks in AI applications.
Findings
36.9MB malware embedded in 178MB AlexNet with 1% accuracy loss
Malware remains undetected by VirusTotal antivirus scans
Neural networks can be exploited for covert malware delivery
Abstract
Delivering malware covertly and evasively is critical to advanced malware campaigns. In this paper, we present a new method to covertly and evasively deliver malware through a neural network model. Neural network models are poorly explainable and have a good generalization ability. By embedding malware in neurons, the malware can be delivered covertly, with minor or no impact on the performance of neural network. Meanwhile, because the structure of the neural network model remains unchanged, it can pass the security scan of antivirus engines. Experiments show that 36.9MB of malware can be embedded in a 178MB-AlexNet model within 1% accuracy loss, and no suspicion is raised by anti-virus engines in VirusTotal, which verifies the feasibility of this method. With the widespread application of artificial intelligence, utilizing neural networks for attacks becomes a forwarding trend. We hope…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
