Adversarial Malware Detection in IoT Networks: A Systematic Review of AI Models and Attack Strategies

Authors

  • Andi Novianto Yogyakarta State University Author
  • Fatchul Arifin Universitas Negeri Yogyakarta Author
  • Herman Dwi Surjono Universitas Negeri Yogyakarta Author

DOI:

https://doi.org/10.47701/dutacom.v18i2.5128

Keywords:

Adversarial Malware Attacks, Malware Detection System, White Box Based Attacks, Black Box Based Attacks, IoT Network Attacks

Abstract

The growth of adversarial malware attack techniques that can deceive DL- and ML-based AI systems has drawn researchers' attention to modeling attack tests against target malware detection systems. Malware files are often classified as benign because of detection errors caused by data manipulation that the malware performs to protect itself. This study applies a systematic review methodology to 34 research articles, filtered by inclusion criteria, that specifically discuss how adversarial malware attacks on IoT networks can be detected by AI systems. The aim of this SLR is to determine the trend in the types of AI used to build malware detection systems, and to map the algorithms used for each type of AI, the adversarial malware attack models, and the testing techniques relevant to those adversarial attack methods. The results show that DL methods with the CNN algorithm are used more often to build effective malware detection systems than ML, which is perceived as unable to recognize new malware variants. Attack modeling, meanwhile, tends to use White Box Based Attacks, supported by Hybrid-based testing techniques on DL.

Published

2025-08-23

Section

Articles

How to Cite

Deteksi Malware Adversarial pada Jaringan IoT: Tinjauan Sistematis Model AI dan Strategi Serangan. (2025). DutaCom, 18(2). https://doi.org/10.47701/dutacom.v18i2.5128