Academic Talks
Attacker Strategies in Machine-Learning-Based Android Malware Detection
Date: 2018-06-11 | Editor: Department of Software Engineering

Time: Friday, 2018-6-15, 4 pm

Venue: Conference Room 106, School building

Title:

Adversarial Artificial Intelligence: Attacker Strategies in Machine-Learning-Based Android Malware Detection

Bio:

Feng Li is Chair and Associate Professor (tenured) of the Department of Computer Information and Technology in the Purdue School of Engineering and Technology at Indiana University-Purdue University Indianapolis (IUPUI). His research interests include cybersecurity, mobile computing and wireless networks, privacy protection in social networks, and security and privacy in artificial intelligence. Dr. Li regularly publishes in scholarly journals, conference proceedings, and book chapters. Dr. Li was Publication Chair and Organizing Committee member for the 2015 ACM Conference on Computer and Communications Security (CCS) and the 2013 IEEE International Conference on Distributed Computing Systems (ICDCS), and TPC Chair of the National Workshop for REU Research in Networking and Systems (REUNS) in 2017, 2016 and 2014. He has served as a Technical Program Committee member for the IEEE International Conference on Computer Communications (INFOCOM 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019) and many other international conferences.

Abstract:

Cybersecurity defense and malware detection schemes increasingly use machine-learning-based signature and vulnerability detection to relieve human experts of the tedious and subjective task of manual definition. However, this inevitably draws attackers and defenders into the cat-and-mouse game common to security problems. Attackers have always worked to fool signature detection and heuristics, and they also devise ways to fool statistical models. In this talk, Feng Li will go on to discuss some recent research developments in adversarial artificial intelligence, developments that may let attackers counter and deceive cybersecurity designs built on machine learning and artificial intelligence. He will first introduce an Android malware detection scheme based on graphlet-sampling machine learning. In the context of this case study, he will discuss adversarial strategies by which attackers evade machine-learning detection, poison the machine-learning model, and compromise user sampling. These sophisticated attackers clearly highlight the need to study adversarial machine learning in cybersecurity.

Title:

Adversarial Machine Learning: Attackers' Strategy in Android Malware Detection via Graphlet Sampling

Bio:

Feng Li is the Chair and Associate Professor in the Department of Computer Information & Graphics Technology within the Purdue School of Engineering and Technology at Indiana University-Purdue University Indianapolis (IUPUI). His current research interests include cybersecurity, mobile computing and wireless networks, cloud and distributed computing, privacy protection in social networks, and security and privacy in machine learning. Dr. Li regularly publishes in scholarly journals, conference proceedings, and book chapters. Dr. Li was the Publication Co-Chair and Organization Committee Member for the 2015 ACM Conference on Computer and Communications Security (CCS) and the 2013 IEEE International Conference on Distributed Computing Systems (ICDCS), and TPC Chair for the National Workshop for REU Research in Networking and Systems (REUNS) in 2017, 2016 and 2014. He was a Technical Program Committee member for the IEEE International Conference on Computer Communications (INFOCOM 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018 and 2019) and many other international conferences.

Abstract:

Cybersecurity defense and malware detection schemes are increasingly using machine-learning-based signature and vulnerability detection to relieve human experts from the tedious and subjective task of manually defining features. However, this inevitably devolves into the cat-and-mouse game seen in many facets of security. Traditionally, attackers evade signatures and heuristics, and they evade statistical models too. In this talk, Feng Li offers some background on the academic security world's attempts at understanding how to break and fix machine-learning-based cybersecurity systems. He will discuss the design of an Android malware detection scheme via graphlet-sampling-based machine learning. With the context from this case study, he will discuss several possible strategies for attackers to evade the detection or poison the machine learning. These sophisticated attackers clearly motivate the need to study adversarial machine learning (ML) in cybersecurity.

Android systems are widely used in mobile and wireless distributed systems. However, with the popularity of Android-based smartphones and tablets comes the rampancy of Android-based malware. We first introduce our design of a novel topological-signature-based ML scheme for Android apps, using the function call graphs (FCGs) extracted from their Android App PacKages (APKs). Specifically, by leveraging recent advances in graphlet mining, the proposed method fully captures the invocator-invocatee relationship at local neighborhoods in an FCG. Using real benign app and malware samples, we demonstrate that our method, ACTS (App topological signature through graphlet Sampling), can detect malware and identify malware families robustly and efficiently. Using the context of this learning-based cybersecurity scheme, we switch to the attackers' point of view and explore their strategy space to counter the ML design. We will discuss some possible strategies in adversarial data manipulation for attackers to evade the classification, poison the ML model, and/or violate the privacy of the users of the learning-based cybersecurity scheme.
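The abstract describes the ACTS idea only at a high level: turn an app's function call graph into a feature vector built from the small induced subgraphs (graphlets) around each node, so that the invocator-invocatee structure of local neighborhoods becomes a signature that a classifier can learn. The block below is an added toy illustration, not code from the talk or from the ACTS project. It constructs two tiny call graphs by hand (the method names, the edges and the `APP_A`/`APP_B` labels are all made up), enumerates every weakly connected 3-node induced subgraph, groups those subgraphs into isomorphism classes with a brute-force canonical form, normalizes the class counts into a signature vector, and compares the two signatures by cosine similarity. ACTS samples graphlets rather than enumerating them exhaustively as this script does; exhaustive enumeration is only practical on a graph this small.

```python
"""Toy graphlet-based topological signature for a function call graph (FCG).

Added illustration, not code from the talk or from ACTS. The call graphs
below are constructed by hand; a real pipeline would extract them from an APK.
"""
from collections import Counter
from itertools import combinations, permutations
import math

# Constructed sample FCGs as (caller, callee) edges. Method names are made up.
APP_A = [
    ("onCreate", "init"), ("init", "loadConfig"), ("init", "startService"),
    ("startService", "connect"), ("connect", "sendData"), ("loadConfig", "parse"),
]
# Same skeleton plus a sendData -> encrypt -> connect call cycle (constructed).
APP_B = APP_A + [("sendData", "encrypt"), ("encrypt", "connect")]


def build_fcg(edges):
    """Directed adjacency: node -> set of callees. Every node gets an entry."""
    adj = {}
    for caller, callee in edges:
        adj.setdefault(caller, set()).add(callee)
        adj.setdefault(callee, set())
    return adj


def is_weakly_connected(nodes, adj):
    """True if the subgraph induced on `nodes` is connected ignoring direction."""
    nodes = set(nodes)
    start = next(iter(nodes))
    seen, stack = {start}, [start]
    while stack:
        x = stack.pop()
        for y in nodes - seen:
            if y in adj[x] or x in adj[y]:
                seen.add(y)
                stack.append(y)
    return seen == nodes


def canonical_form(nodes, adj):
    """Isomorphism-invariant label of the directed induced subgraph on `nodes`:
    the smallest adjacency bit-string over all orderings of the nodes.
    Brute force over permutations is fine for k = 3 or 4 nodes."""
    best = None
    for perm in permutations(nodes):
        bits = "".join(
            "1" if perm[j] in adj[perm[i]] else "0"
            for i in range(len(perm)) for j in range(len(perm)) if i != j
        )
        if best is None or bits < best:
            best = bits
    return best


def graphlet_signature(adj, k=3):
    """Normalized frequency of each connected k-node graphlet class in the FCG."""
    counts = Counter()
    for nodes in combinations(sorted(adj), k):
        if is_weakly_connected(nodes, adj):
            counts[canonical_form(nodes, adj)] += 1
    total = sum(counts.values())
    return {g: c / total for g, c in counts.items()} if total else {}


def cosine_similarity(sig_a, sig_b):
    """Cosine similarity of two sparse signature vectors keyed by graphlet class."""
    keys = set(sig_a) | set(sig_b)
    dot = sum(sig_a.get(key, 0.0) * sig_b.get(key, 0.0) for key in keys)
    norm_a = math.sqrt(sum(v * v for v in sig_a.values()))
    norm_b = math.sqrt(sum(v * v for v in sig_b.values()))
    return dot / (norm_a * norm_b) if norm_a and norm_b else 0.0


def compare_apps(edges_a, edges_b):
    """End-to-end: edge lists in, signature similarity out."""
    return cosine_similarity(graphlet_signature(build_fcg(edges_a)),
                             graphlet_signature(build_fcg(edges_b)))


if __name__ == "__main__":
    for name, edges in (("APP_A", APP_A), ("APP_B", APP_B)):
        sig = graphlet_signature(build_fcg(edges))
        print(name, {g: round(f, 3) for g, f in sorted(sig.items())})
    print("similarity(APP_A, APP_B) =", round(compare_apps(APP_A, APP_B), 4))
```

On the constructed input, `APP_A` is a tree and yields only two graphlet classes (directed 2-paths and one out-star), while the added call cycle in `APP_B` introduces an in-star and a directed 3-cycle, so the two signatures differ while remaining highly similar. Those new classes appearing in a region of the graph are exactly the kind of local structural change a graphlet signature is meant to expose, which is also why the abstract's evasion and poisoning discussion matters: a feature space built from local structure has to be evaluated against inputs crafted to shift those frequencies.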