Adversarially Robust and Interpretable Magecart Malware Detection
Pedro Pereira, José Gouveia, João Vitorino, Eva Maia, Isabel Praça

TL;DR
This paper presents a comprehensive approach combining various machine learning models, adversarial training, and interpretability techniques to detect Magecart malware attacks effectively and robustly in real-world online payment systems.
Contribution
It introduces a comparative study of ML models with adversarial training and interpretability for Magecart malware detection, enhancing robustness and explainability.
Findings
High detection accuracy achieved across models
Models demonstrate robustness against adversarial attacks
Enhanced interpretability supports trust and transparency
Abstract
Magecart skimming attacks have emerged as a significant threat to client-side security and user trust in online payment systems. This paper addresses the challenge of achieving robust and explainable detection of Magecart attacks through a comparative study of various Machine Learning (ML) models with a real-world dataset. Tree-based, linear, and kernel-based models were applied, further enhanced through hyperparameter tuning and feature selection, to distinguish between benign and malicious scripts. Such models are supported by a Behavior Deterministic Finite Automaton (DFA) which captures structural behavior patterns in scripts, helping to analyze and classify client-side script execution logs. To ensure robustness against adversarial evasion attacks, the ML models were adversarially trained and evaluated using attacks from the Adversarial Robustness Toolbox and the Adaptative…
Taxonomy
Topics: Advanced Malware Detection Techniques · Adversarial Robustness in Machine Learning · Spam and Phishing Detection
