{"id":"https://openalex.org/W4383754176","doi":"https://doi.org/10.1109/tifs.2023.3293959","title":"MalProtect: Stateful Defense Against Adversarial Query Attacks in ML-Based Malware Detection","display_name":"MalProtect: Stateful Defense Against Adversarial Query Attacks in ML-Based Malware Detection","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4383754176","doi":"https://doi.org/10.1109/tifs.2023.3293959"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2023.3293959","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3293959","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018121502","display_name":"Aqib Rashid","orcid":"https://orcid.org/0000-0003-3416-6861"},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Aqib Rashid","raw_affiliation_strings":["Department of Informatics, King&#x2019;s College London, Strand Campus, London, U.K"],"affiliations":[{"raw_affiliation_string":"Department of Informatics, King&#x2019;s College London, Strand Campus, London, U.K","institution_ids":["https://openalex.org/I183935753"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5052525506","display_name":"Jos\u00e9 M. Such","orcid":"https://orcid.org/0000-0002-6041-178X"},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Jose Such","raw_affiliation_strings":["Department of Informatics, King&#x2019;s College London, Strand Campus, London, U.K"],"affiliations":[{"raw_affiliation_string":"Department of Informatics, King&#x2019;s College London, Strand Campus, London, U.K","institution_ids":["https://openalex.org/I183935753"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5018121502"],"corresponding_institution_ids":["https://openalex.org/I183935753"],"apc_list":null,"apc_paid":null,"fwci":3.1697,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.9283943,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"18","issue":null,"first_page":"4361","last_page":"4376"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.9021897315979004},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8866477012634277},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7188806533813477},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.6083654761314392},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.48362934589385986},{"id":"https://openalex.org/keywords/android-malware","display_name":"Android malware","score":0.4807688891887665},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.4163256883621216},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3350735306739807},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3287425935268402}],"concepts":[{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.9021897315979004},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8866477012634277},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7188806533813477},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.6083654761314392},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48362934589385986},{"id":"https://openalex.org/C2989133298","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android malware","level":3,"score":0.4807688891887665},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.4163256883621216},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3350735306739807},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3287425935268402},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tifs.2023.3293959","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3293959","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:kclpure.kcl.ac.uk:publications/5c2297c7-110b-4a14-bcf6-587e0770bc89","is_oa":false,"landing_page_url":"https://kclpure.kcl.ac.uk/portal/en/publications/5c2297c7-110b-4a14-bcf6-587e0770bc89","pdf_url":null,"source":{"id":"https://openalex.org/S4306400216","display_name":"Research Portal (King's College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I183935753","host_organization_name":"King's College London","host_organization_lineage":["https://openalex.org/I183935753"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Rashid, A & Such, J 2023, 'MalProtect: Stateful Defense Against Adversarial Query Attacks in ML-Based Malware Detection', IEEE Transactions on Information Forensics and Security, vol. 18, pp. 4361-4376. https://doi.org/10.1109/TIFS.2023.3293959","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.699999988079071}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":121,"referenced_works":["https://openalex.org/W9657784","https://openalex.org/W52272080","https://openalex.org/W1520914943","https://openalex.org/W1545175007","https://openalex.org/W1673923490","https://openalex.org/W1945616565","https://openalex.org/W1981976602","https://openalex.org/W2038296020","https://openalex.org/W2056427612","https://openalex.org/W2076063813","https://openalex.org/W2079054072","https://openalex.org/W2083183119","https://openalex.org/W2122672392","https://openalex.org/W2132874238","https://openalex.org/W2180612164","https://openalex.org/W2202636141","https://openalex.org/W2432142698","https://openalex.org/W2464629196","https://openalex.org/W2603766943","https://openalex.org/W2620038827","https://openalex.org/W2744095836","https://openalex.org/W2746600820","https://openalex.org/W2753594008","https://openalex.org/W2768209273","https://openalex.org/W2774253509","https://openalex.org/W2775261393","https://openalex.org/W2776884785","https://openalex.org/W2780484784","https://openalex.org/W2782290149","https://openalex.org/W2808915780","https://openalex.org/W2837911466","https://openalex.org/W2890262614","https://openalex.org/W2911510572","https://openalex.org/W2912070915","https://openalex.org/W2913848079","https://openalex.org/W2948271449","https://openalex.org/W2953506610","https://openalex.org/W2962862931","https://openalex.org/W2963062382","https://openalex.org/W2963070423","https://openalex.org/W2963143631","https://openalex.org/W2963744840","https://openalex.org/W2963777745","https://openalex.org/W2963857521","https://openalex.org/W2964082701","https://openalex.org/W2964159373","https://openalex.org/W2964636835","https://openalex.org/W2969695741","https://openalex.org/W2973628901","https://openalex.org/W2984051454","https://openalex.org/W2987228832","https://openalex.org/W2989701968","https://openalex.org/W2998074434","https://openalex.org/W3007318395","https://openalex.org/W3011839747","https://openalex.org/W3015481738","https://openalex.org/W3015625436","https://openalex.org/W3022269570","https://openalex.org/W3035379805","https://openalex.org/W3040266635","https://openalex.org/W3044129898","https://openalex.org/W3091857398","https://openalex.org/W3103340107","https://openalex.org/W3103940881","https://openalex.org/W3106412272","https://openalex.org/W3109447255","https://openalex.org/W3113062381","https://openalex.org/W3120073944","https://openalex.org/W3120848642","https://openalex.org/W3120979750","https://openalex.org/W3128391794","https://openalex.org/W3135550350","https://openalex.org/W3157076793","https://openalex.org/W3168455774","https://openalex.org/W3181727351","https://openalex.org/W3198840923","https://openalex.org/W3199257374","https://openalex.org/W3203534993","https://openalex.org/W3208646583","https://openalex.org/W4281293216","https://openalex.org/W4287644588","https://openalex.org/W4287752693","https://openalex.org/W4297573953","https://openalex.org/W4297663686","https://openalex.org/W4300511536","https://openalex.org/W4307964232","https://openalex.org/W4378977274","https://openalex.org/W4385412351","https://openalex.org/W4386375088","https://openalex.org/W4394645559","https://openalex.org/W6600428322","https://openalex.org/W6602154366","https://openalex.org/W6637162671","https://openalex.org/W6640425456","https://openalex.org/W6717848421","https://openalex.org/W6719080892","https://openalex.org/W6733645847","https://openalex.org/W6737947904","https://openalex.org/W6743618022","https://openalex.org/W6745480919","https://openalex.org/W6746608116","https://openalex.org/W6747573110","https://openalex.org/W6748475379","https://openalex.org/W6748881466","https://openalex.org/W6750404860","https://openalex.org/W6753153400","https://openalex.org/W6753291921","https://openalex.org/W6758458550","https://openalex.org/W6758779121","https://openalex.org/W6758975236","https://openalex.org/W6769700838","https://openalex.org/W6774549192","https://openalex.org/W6786639168","https://openalex.org/W6787959460","https://openalex.org/W6788748602","https://openalex.org/W6790995289","https://openalex.org/W6797987041","https://openalex.org/W6801783160","https://openalex.org/W6809821257","https://openalex.org/W6840571915","https://openalex.org/W6842634206"],"related_works":["https://openalex.org/W2782775281","https://openalex.org/W2560361988","https://openalex.org/W2507113366","https://openalex.org/W4327939473","https://openalex.org/W3025122950","https://openalex.org/W2311926078","https://openalex.org/W3200508744","https://openalex.org/W2462192250","https://openalex.org/W4312234627","https://openalex.org/W3195312353"],"abstract_inverted_index":{"ML":[0,36],"models":[1,38],"are":[2,15,126,137],"known":[3],"to":[4,7,50,65,122,166],"be":[5,110],"vulnerable":[6],"adversarial":[8,74,124,179,214],"query":[9,44,67,154,180],"attacks.":[10,168],"In":[11,115,195],"these":[12,54,98],"attacks,":[13],"queries":[14,83],"iteratively":[16],"perturbed":[17],"towards":[18],"a":[19,47,150,190],"particular":[20],"class":[21],"without":[22],"any":[23],"knowledge":[24],"of":[25,34,53,73,82,178,192,199],"the":[26,51,71,80,86,116,120,157,175,196,212],"target":[27],"model":[28],"besides":[29],"its":[30,200],"output.":[31],"The":[32],"prevalence":[33],"remotely-hosted":[35],"classification":[37],"and":[39,69,78,129,186],"Machine-Learning-as-a-Service":[40],"platforms":[41],"means":[42],"that":[43,108,133,172,204],"attacks":[45,68,155,181],"pose":[46],"real":[48],"threat":[49,164],"security":[52],"systems.":[55],"To":[56],"deal":[57],"with":[58],"this,":[59],"stateful":[60,89,151,208],"defenses":[61,90,99],"have":[62,91],"been":[63,92],"proposed":[64,93],"detect":[66,167],"prevent":[70],"generation":[72],"examples":[75,125],"by":[76,85,182],"monitoring":[77],"analyzing":[79],"sequence":[81],"received":[84],"system.":[87],"Several":[88],"in":[94,112,142,156,184],"recent":[95],"years.":[96],"However,":[97],"rely":[100],"solely":[101],"on":[102],"similarity":[103],"or":[104],"out-of-distribution":[105],"detection":[106,118,135,159],"methods":[107,121],"may":[109],"effective":[111],"other":[113],"domains.":[114],"malware":[117,158],"domain,":[119],"generate":[123],"inherently":[127],"different,":[128],"therefore":[130],"we":[131,145,202],"find":[132],"such":[134],"mechanisms":[136],"significantly":[138],"less":[139],"effective.":[140],"Hence,":[141],"this":[143],"paper,":[144],"present":[146],"MalProtect,":[147],"which":[148],"is":[149],"defense":[152],"against":[153],"domain.":[160],"MalProtect":[161,205],"uses":[162],"several":[163],"indicators":[165],"Our":[169],"results":[170],"show":[171,203],"it":[173],"reduces":[174],"evasion":[176],"rate":[177],"80+%":[183],"Android":[185],"Windows":[187],"malware,":[188],"across":[189],"range":[191],"attacker":[193],"scenarios.":[194],"first":[197],"evaluation":[198],"kind,":[201],"outperforms":[206],"prior":[207],"defenses,":[209],"especially":[210],"under":[211],"peak":[213],"threat.":[215]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":4}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}