On Embedding Backdoor in Malware Detectors Using Machine Learning

Researching for malware detection using machine learning is becoming active. However, conventional detection techniques do not consider the impact of attacks on machine learning, which has become complicated in recent years. In this research, we focus on data poisoning attack, which is one of the typical attacks on machine learning, and aim to clarify the influence of attacks on malware detection technology. Data poisoning attack is an attack method that intentionally manipulates the predicted result of a learned model by injecting poisoning data into training data, and by applying this, it is possible to embed a backdoor that induces mis-prediction of only specific input data. In this paper, we first propose an attack framework for backdoor embedding that prevents detection of only specific types of malware by data poisoning attack. Next, we will describe a method to generate poisoning data efficiently while avoiding attack detection by solving the optimization problem. Furthermore, we take malware detection technology using logistic regression and show the effectiveness of the our method through evaluation experiments using two datasets.