Adversarial Attacks on Transformers-Based Malware Detectors
Yash Jakhotiya, Heramb Patil, Jugal Rawlani, Sunil B. Mane
TL;DR
This paper investigates the vulnerability of Transformers-based malware detectors to adversarial attacks, demonstrating a significant misclassification rate and proposing defenses to improve robustness.
Contribution
It is the first to analyze adversarial vulnerabilities in Transformers-based malware detection and proposes effective defenses to mitigate these attacks.
Findings
Adversarial attacks caused a 23.9% misclassification rate.
Proposed defenses reduced misclassification to approximately 12%.
Transformers-based malware detectors are susceptible to adversarial inputs.
Abstract
Signature-based malware detectors have proven to be insufficient as even a small change in malignant executable code can bypass these signature-based detectors. Many machine learning-based models have been proposed to efficiently detect a wide variety of malware. Many of these models are found to be susceptible to adversarial attacks - attacks that work by generating intentionally designed inputs that can force these models to misclassify. Our work aims to explore vulnerabilities in the current state of the art malware detectors to adversarial attacks. We train a Transformers-based malware detector, carry out adversarial attacks resulting in a misclassification rate of 23.9% and propose defenses that reduce this misclassification rate to half. An implementation of our work can be found at https://github.com/yashjakhotiya/Adversarial-Attacks-On-Transformers.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Adversarial Robustness in Machine Learning · Digital and Cyber Forensics