{"id":"https://openalex.org/W4317928098","doi":"https://doi.org/10.1109/milcom55135.2022.10017768","title":"Data Sanitization Approach to Mitigate Clean-Label Attacks Against Malware Detection Systems","display_name":"Data Sanitization Approach to Mitigate Clean-Label Attacks Against Malware Detection Systems","publication_year":2022,"publication_date":"2022-11-28","ids":{"openalex":"https://openalex.org/W4317928098","doi":"https://doi.org/10.1109/milcom55135.2022.10017768"},"language":"en","primary_location":{"id":"doi:10.1109/milcom55135.2022.10017768","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/milcom55135.2022.10017768","pdf_url":null,"source":{"id":"https://openalex.org/S4363608114","display_name":"MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5042763734","display_name":"Samson Ho","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Samson Ho","raw_affiliation_strings":["Peraton Labs Inc,Basking Ridge,NJ,USA","Peraton Labs Inc, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Peraton Labs Inc,Basking Ridge,NJ,USA","institution_ids":[]},{"raw_affiliation_string":"Peraton Labs Inc, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086703347","display_name":"Achyut Reddy","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Achyut Reddy","raw_affiliation_strings":["Peraton Labs Inc,Basking Ridge,NJ,USA","Peraton Labs Inc, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Peraton Labs Inc,Basking Ridge,NJ,USA","institution_ids":[]},{"raw_affiliation_string":"Peraton Labs Inc, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109412228","display_name":"Sridhar Venkatesan","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Sridhar Venkatesan","raw_affiliation_strings":["Peraton Labs Inc,Basking Ridge,NJ,USA","Peraton Labs Inc, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Peraton Labs Inc,Basking Ridge,NJ,USA","institution_ids":[]},{"raw_affiliation_string":"Peraton Labs Inc, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078482977","display_name":"Rauf Izmailov","orcid":"https://orcid.org/0000-0002-7326-669X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Rauf Izmailov","raw_affiliation_strings":["Peraton Labs Inc,Basking Ridge,NJ,USA","Peraton Labs Inc, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Peraton Labs Inc,Basking Ridge,NJ,USA","institution_ids":[]},{"raw_affiliation_string":"Peraton Labs Inc, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103911831","display_name":"Ritu Chadha","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ritu Chadha","raw_affiliation_strings":["Peraton Labs Inc,Basking Ridge,NJ,USA","Peraton Labs Inc, Basking Ridge, NJ, USA"],"affiliations":[{"raw_affiliation_string":"Peraton Labs Inc,Basking Ridge,NJ,USA","institution_ids":[]},{"raw_affiliation_string":"Peraton Labs Inc, Basking Ridge, NJ, USA","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035574749","display_name":"Alina Oprea","orcid":"https://orcid.org/0000-0002-4979-5292"},"institutions":[{"id":"https://openalex.org/I12912129","display_name":"Northeastern University","ror":"https://ror.org/04t5xt781","country_code":"US","type":"education","lineage":["https://openalex.org/I12912129"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Alina Oprea","raw_affiliation_strings":["Northeastern University,Boston,MA,USA","Northeastern University, Boston, MA, USA"],"affiliations":[{"raw_affiliation_string":"Northeastern University,Boston,MA,USA","institution_ids":["https://openalex.org/I12912129"]},{"raw_affiliation_string":"Northeastern University, Boston, MA, USA","institution_ids":["https://openalex.org/I12912129"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5042763734"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.6272,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.69110086,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"993","last_page":"998"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9894000291824341,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.8401920199394226},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7964280843734741},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7694651484489441},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5950789451599121},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.566349983215332},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.566046416759491},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.4770174026489258},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.4536069333553314},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.424834668636322},{"id":"https://openalex.org/keywords/trojan","display_name":"Trojan","score":0.4126887321472168}],"concepts":[{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.8401920199394226},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7964280843734741},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7694651484489441},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5950789451599121},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.566349983215332},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.566046416759491},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.4770174026489258},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.4536069333553314},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.424834668636322},{"id":"https://openalex.org/C174333608","wikidata":"https://www.wikidata.org/wiki/Q19635","display_name":"Trojan","level":2,"score":0.4126887321472168}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/milcom55135.2022.10017768","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/milcom55135.2022.10017768","pdf_url":null,"source":{"id":"https://openalex.org/S4363608114","display_name":"MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.4399999976158142}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W1552056088","https://openalex.org/W1673923490","https://openalex.org/W2007562169","https://openalex.org/W2033368661","https://openalex.org/W2105037940","https://openalex.org/W2112507308","https://openalex.org/W2162552722","https://openalex.org/W2748789698","https://openalex.org/W2768348081","https://openalex.org/W2962763344","https://openalex.org/W2962862931","https://openalex.org/W2963857521","https://openalex.org/W3116515605","https://openalex.org/W3120073944","https://openalex.org/W3126600141","https://openalex.org/W3154572656","https://openalex.org/W3214399478","https://openalex.org/W4205093476","https://openalex.org/W4287671850","https://openalex.org/W4298140072","https://openalex.org/W4300687693","https://openalex.org/W6637162671","https://openalex.org/W6675751573","https://openalex.org/W6676935882","https://openalex.org/W6684011098","https://openalex.org/W6750318962","https://openalex.org/W6750462152","https://openalex.org/W6779726776","https://openalex.org/W6782718173","https://openalex.org/W6787959460"],"related_works":["https://openalex.org/W3106646114","https://openalex.org/W4308244459","https://openalex.org/W4221166349","https://openalex.org/W4226092343","https://openalex.org/W4200628936","https://openalex.org/W4389518867","https://openalex.org/W4225678119","https://openalex.org/W2969023901","https://openalex.org/W4328053081","https://openalex.org/W4366850823"],"abstract_inverted_index":{"Machine":[0],"learning":[1,52],"(ML)":[2],"models":[3],"are":[4,47],"increasingly":[5],"being":[6],"used":[7],"in":[8,17,77,85,223],"the":[9,32,35,88,99,132,143,156,174,179,182,187,204,214,232,241],"development":[10],"of":[11,34,101,131,147,158,189,234,244],"Malware":[12],"Detection":[13],"Systems.":[14],"Existing":[15],"research":[16],"this":[18],"area":[19],"primarily":[20],"focuses":[21],"on":[22,73,173],"developing":[23],"new":[24],"architectures":[25,171],"and":[26,121],"feature":[27,151],"representation":[28],"techniques":[29,46],"to":[30,49,90,97,128,150,195,249],"improve":[31],"accuracy":[33,157,188,243],"model.":[36,161],"However,":[37,221],"recent":[38,71],"studies":[39],"have":[40,60,109],"shown":[41,96],"that":[42,153,166,200],"existing":[43],"state-of-the":[44,169],"art":[45,170],"vulnerable":[48],"adversarial":[50],"machine":[51],"(AML)":[53],"attacks.":[54],"Among":[55],"those,":[56],"data":[57],"poisoning":[58,75,107,119],"attacks":[59,76,108,238],"been":[61,110],"identified":[62],"as":[63],"a":[64,92,115,136,159],"top":[65],"concern":[66],"for":[67,87,167],"ML":[68],"practitioners.":[69],"A":[70],"study":[72],"clean-label":[74,118,180,205],"which":[78],"an":[79,123],"adversary":[80],"intentionally":[81],"crafts":[82],"training":[83,138],"samples":[84,134,149,192,201],"order":[86],"model":[89],"learn":[91],"backdoor":[93,190],"watermark":[94],"was":[95],"degrade":[98],"performance":[100],"state-of-the-art":[102],"classifiers.":[103],"Defenses":[104],"against":[105],"such":[106,224,235],"largely":[111],"under-explored.":[112],"We":[113,197],"investigate":[114],"recently":[116],"proposed":[117],"attack":[120,206],"leverage":[122],"ensemble-based":[124],"Nested":[125,183,227],"Training":[126,184,228],"technique":[127,141,229],"remove":[129],"most":[130],"poisoned":[133,137,148,218],"from":[135,193,247],"dataset.":[139],"Our":[140],"leverages":[142],"relatively":[144],"large":[145],"sensitivity":[146],"noise":[152],"disproportionately":[154],"affects":[155],"backdoored":[160],"In":[162],"particular,":[163],"we":[164],"show":[165,199],"two":[168],"trained":[172],"EMBER":[175],"dataset":[176],"affected":[177],"by":[178,203,239],"attack,":[181],"approach":[185],"improves":[186],"malware":[191,210,245],"3.42%":[194],"93.2%.":[196,250],"also":[198],"produced":[202],"often":[207],"successfully":[208],"evade":[209],"classification":[211],"even":[212,222],"when":[213],"classifier":[215],"is":[216],"not":[217],"during":[219],"training.":[220],"scenarios,":[225],"our":[226],"can":[230],"mitigate":[231],"effect":[233],"clean-label-based":[236],"evasion":[237],"recovering":[240],"model's":[242],"detection":[246],"3.57%":[248]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2}],"updated_date":"2026-04-02T15:55:50.835912","created_date":"2025-10-10T00:00:00"}