{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00214485","sets":["6164:6165:6462:10749"]},"path":["10749"],"owner":"44499","recid":"214485","title":["Androidマルウェア分類器に対するパッキングを用いた効果的な回避攻撃"],"pubdate":{"attribute_name":"公開日","attribute_value":"2021-10-19"},"_buckets":{"deposit":"c74b1436-9818-422c-9c97-4a793897e574"},"_deposit":{"id":"214485","pid":{"type":"depid","value":"214485","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"Androidマルウェア分類器に対するパッキングを用いた効果的な回避攻撃","author_link":["550921","550915","550918","550922","550920","550916","550917","550919"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Androidマルウェア分類器に対するパッキングを用いた効果的な回避攻撃"},{"subitem_title":"Effective Evasion Attack Using Packing against Android Malware Classifiers","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"回避攻撃，パッカー，機械学習","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2021-10-19","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"電気通信大学"},{"subitem_text_value":"日本電信電話株式会社"},{"subitem_text_value":"京都橘大学"},{"subitem_text_value":"電気通信大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"The University of Electro-Communications","subitem_text_language":"en"},{"subitem_text_value":"Nippon Telegraph and Telephone Corporation","subitem_text_language":"en"},{"subitem_text_value":"Kyoto Tachibana University","subitem_text_language":"en"},{"subitem_text_value":"The University of Electro-Communications","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/214485/files/IPSJCSS2021085.pdf","label":"IPSJCSS2021085.pdf"},"date":[{"dateType":"Available","dateValue":"2023-10-19"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJCSS2021085.pdf","filesize":[{"value":"1.2 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"4d1c94b1-c626-4d2a-b478-1483b4083bb6","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2021 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"古川, 和祈"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"畑田, 充弘"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"吉浦, 裕"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"市野, 将嗣"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Kazuki, Furukawa","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Mitsuhiro, Hatada","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Hiroshi, Yoshiura","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Masatsugu, Ichino","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"スマートフォンをターゲットとしたマルウェアが増加していることから，未知のマルウェアを検知できるように，機械学習を用いた検知手法が提案されるようになった．他方で近年，機械学習に対する攻撃手法である回避攻撃が提案されている．回避攻撃は，あるクラスに分類される入力に対して摂動を加えることで，別のクラスに誤分類するように仕向ける攻撃である．マルウェア検知に対する回避攻撃が実現すると，未知マルウェアの検知が困難となる脅威が生まれる．本稿では，既存の特徴量改変型回避攻撃手法に対して汎用的に組み込み可能なパッキングを用いた効果的な回避攻撃手法を提案する．パッキングを用いることで特徴量隠蔽と実行可能性検証可能な細工済みマルウェアの構築を実現した．Pierazzi らの勾配型回避攻撃手法に対して提案手法を組み込み，最先端の Android マルウェア分類器である DREBIN と回避攻撃に対して堅牢である Sec-SVM 及び Random Forest に対する回避攻撃の実験を行い，全ての分類器に対して 90% 以上の回避攻撃成功率を実現したことが確認できた．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"As the number of malware targeting smartphones is increasing, detection methods based on machine learning have been proposed to detect unknown malware. On the other hand, in recent years, evasive attacks have been proposed as an attack method against machine learning. An evasion attack is an attack that perturbs inputs that are classified into one class so that they are misclassified into another class. The realization of evasive attacks against malware detection creates a threat that makes it difficult to detect unknown malware. In this paper, we propose an effective evasion attack using packing, which can be universally incorporated into existing feature-modification evasion attacks. We incorporate the proposed method into Pierazzi et al.'s gradient-based evasion attack method, and conduct experiments on evasion attacks against DREBIN, Sec-SVM, and Random Forest. We confirmed that the proposed method achieves more than 90% success rate of evasion attacks against all classifiers.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"638","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2021論文集"}],"bibliographicPageStart":"631","bibliographicIssueDates":{"bibliographicIssueDate":"2021-10-19","bibliographicIssueDateType":"Issued"}}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":214485,"updated":"2025-01-19T16:36:39.988494+00:00","links":{},"created":"2025-01-19T01:15:18.086542+00:00"}