Comments (6)
zangobot
commented on June 2, 2024
1
To better understand the attack, I suggest you to have a read at the paper of the attack: https://arxiv.org/abs/2003.13526
The "iterations" parameters specify the number of iteration, while the population size specifies how many variants of the same sample are generated at each round (see the genetic algorithm explanation in the paper).
The attack injects content from goodware samples (that you specify with the "goodware_folder" parameter).
The "how_many" parameter is used to decide how many goodware extract from that folder.
Regarding Android malware, no, this repository is only intended to manipulate Windows malware.
Attacks against those detectors are provided to work only in feature space in the original SecML library (but there are no manipulations attached).
But, if you would like to extend it and create input-space attacks on Android, you can open a pull request with your work!
And thank you for citing my work, I hope it was helpful so far!
from secml_malware.
zangobot
commented on June 2, 2024
Hello, the evasion depends on the threshold that you have. Here the optimizer stops after 11 queries (because it is likely that it found a region where the decision function is flat).
Try to increase the number of sections used for the attack, and try to decrease the regularization parameter.
The success of the attack also depends on the goodware you are using to inject content.
from secml_malware.
QuangNguyen2609
commented on June 2, 2024
u mean the section used for attack is "how many" parameter right ? and I'm not sure what's the effect of population size to this attack and how many goodware is enough for this attack (I have 7000 malware). Im also wondering if goodwares need to be specific to run the attack successfully
thanks alot
from secml_malware.
QuangNguyen2609
commented on June 2, 2024
Ah one more thing, im wondering are there any attacks that i can run for Android Malware Detection with Drebin like the tutorial ? It would be helpful if you could show me how to initialize those attacks. I will cite your work after my paper is done
from secml_malware.
quangnguyen-uoa
commented on June 2, 2024
Thakns you very much. I have one last question as I follow the CAttackEvasionPGDLS attack for Android Malware Detection. I ran the debugger several time but I haven't found the contribution of dmax (attack budget). Can you show it to me and what does the dmax do to the attack please ? Thanks alot
from secml_malware.
zangobot
commented on June 2, 2024
Wait wait that is another library 😄
Please open an issue there to get help with the SecML library (also, I don't think I understood the question).
I am closing this issue for now.
from secml_malware.
Related Issues (20)
- How to run lightGBM and SOREL model using secml_malware? HOT 2
- No data preprocessing for SorelNet? HOT 2
- Error while running the sample attack code from blackbox_tutorial.ipynb HOT 4
- real sample generation HOT 5
- can't attack EMBER model HOT 1
- Confidence on Microsoft Malware Classification Challenge HOT 10
- Differences Between WhiteBox Attacks HOT 7
- Adding support for QuoVadis models HOT 2
- AttributeError: 'NoneType' object has no attribute 'dos_header' HOT 4
- No such file or directory: 'secml_malware/data/malware_samples/test_folder' HOT 3
- lightGBM and SOREL model weights? HOT 1
- Support for ensemble models HOT 1
- SOREL ATTACK HOT 1
- FGSM Attacking Running for days HOT 1
- Train models HOT 5
- Fix numpy retrocompatibility for CClassifierEmber
- issue installing secml-malware with pip with python 3.12
- Wrong ember prediction
- GAMMA section injections might load sections at random
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from secml_malware.