IEEE Access (Jan 2023)

A Deep Reinforcement Learning Framework to Evade Black-Box Machine Learning Based IoT Malware Detectors Using GAN-Generated Influential Features

  • Rahat Maqsood Arif,
  • Muhammad Aslam,
  • Shaha Al-Otaibi,
  • Ana Maria Martinez-Enriquez,
  • Tanzila Saba,
  • Saeed Ali Bahaj,
  • Amjad Rehman

DOI
https://doi.org/10.1109/ACCESS.2023.3334645
Journal volume & issue
Vol. 11
pp. 133717 – 133729

Abstract

In Internet of Things (IoT) networks, machine learning (ML) is widely used for malware and adversary detection. Recent research has shown that adversarial attacks put ML-based models at risk. This problem is exacerbated in an IoT environment because of the absence of adequate security measures. Consequently, it is crucial to evaluate the strength of such malware detectors using powerful adversarial samples. Existing adversarial sample generation strategies rely either on high-level image features or on an unfiltered feature set, making it challenging to determine which feature modifications are crucial in evading malware detection systems without compromising the malware functionality. This motivates us to propose an evasion framework named IF-MalEvade, based on a Generative Adversarial Network (GAN) and Deep Reinforcement Learning (DRL), that effectively generates fully working malware samples with several effective perturbations such as header section manipulation and benign bytes insertion. The DRL framework selects a few suitable action sequences to change malicious samples, thus allowing our malware samples to bypass various black-box ML-based malware detectors and the detection search engines of VirusTotal, while maintaining the executability and malicious behavior of the original malware samples. The GAN's neural networks take in the unfiltered feature set of the malware dataset and, using a minimax objective function, yield a set of useful features that are subsequently used by the DRL agent to make effective changes. Experimental results showed that, by utilizing the influential features in a sequence of transformations, the adversarial samples generated by our model outperformed the state-of-the-art evasion models with an impressive evasion rate. Additionally, the detection rate of well-known machine learning models was also brought down to up to 97%. Furthermore, when the machine learning models were retrained using adversarial samples, a 35% increase in detection accuracy was observed.

Keywords