{"id":"https://openalex.org/W2969422184","doi":"https://doi.org/10.1145/3427228.3427230","title":"Query-Efficient Black-Box Attack Against Sequence-Based Malware Classifiers","display_name":"Query-Efficient Black-Box Attack Against Sequence-Based Malware Classifiers","publication_year":2020,"publication_date":"2020-12-07","ids":{"openalex":"https://openalex.org/W2969422184","doi":"https://doi.org/10.1145/3427228.3427230","mag":"2969422184"},"language":"en","primary_location":{"id":"doi:10.1145/3427228.3427230","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3427228.3427230","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1804.08778","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5075755095","display_name":"Ishai Rosenberg","orcid":"https://orcid.org/0000-0003-3509-4329"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":true,"raw_author_name":"Ishai Rosenberg","raw_affiliation_strings":["Ben-Gurion University of the Negev, Israel","Ben\u2010Gurion University of the Negev, Israel"],"affiliations":[{"raw_affiliation_string":"Ben-Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Ben\u2010Gurion University of the Negev, Israel","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002391103","display_name":"Asaf Shabtai","orcid":"https://orcid.org/0000-0003-0630-4059"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Asaf Shabtai","raw_affiliation_strings":["Ben-Gurion University of the Negev","Ben\u2010Gurion University of the Negev"],"affiliations":[{"raw_affiliation_string":"Ben-Gurion University of the Negev","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Ben\u2010Gurion University of the Negev","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072913672","display_name":"Yuval Elovici","orcid":"https://orcid.org/0000-0002-9641-128X"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Yuval Elovici","raw_affiliation_strings":["Ben Gurion University of the Negev","Ben\u2010Gurion University of the Negev"],"affiliations":[{"raw_affiliation_string":"Ben Gurion University of the Negev","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Ben\u2010Gurion University of the Negev","institution_ids":["https://openalex.org/I124227911"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5012622155","display_name":"Lior Rokach","orcid":"https://orcid.org/0000-0002-6956-3341"},"institutions":[{"id":"https://openalex.org/I124227911","display_name":"Ben-Gurion University of the Negev","ror":"https://ror.org/05tkyf982","country_code":"IL","type":"education","lineage":["https://openalex.org/I124227911"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Lior Rokach","raw_affiliation_strings":["Ben-Gurion University of the Negev","Ben\u2010Gurion University of the Negev"],"affiliations":[{"raw_affiliation_string":"Ben-Gurion University of the Negev","institution_ids":["https://openalex.org/I124227911"]},{"raw_affiliation_string":"Ben\u2010Gurion University of the Negev","institution_ids":["https://openalex.org/I124227911"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5075755095"],"corresponding_institution_ids":["https://openalex.org/I124227911"],"apc_list":null,"apc_paid":null,"fwci":0.1117,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.33961612,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":93},"biblio":{"volume":null,"issue":null,"first_page":"611","last_page":"626"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9937000274658203,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8878200054168701},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8393698930740356},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.7520289421081543},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6344588398933411},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6079353094100952},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.4989964962005615},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.4801763594150543},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2139328122138977}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8878200054168701},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8393698930740356},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.7520289421081543},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6344588398933411},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6079353094100952},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.4989964962005615},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.4801763594150543},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2139328122138977}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/3427228.3427230","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3427228.3427230","pdf_url":null,"source":{"id":"https://openalex.org/S4306417673","display_name":"Annual Computer Security Applications Conference","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Annual Computer Security Applications Conference","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:1804.08778","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1804.08778","pdf_url":"https://arxiv.org/pdf/1804.08778","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:2969422184","is_oa":true,"landing_page_url":"https://arxiv.org/abs/1804.08778","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"doi:10.48550/arxiv.1804.08778","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.1804.08778","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1804.08778","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1804.08778","pdf_url":"https://arxiv.org/pdf/1804.08778","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"score":0.7900000214576721,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2969422184.pdf","grobid_xml":"https://content.openalex.org/works/W2969422184.grobid-xml"},"referenced_works_count":28,"referenced_works":["https://openalex.org/W67486310","https://openalex.org/W2095577883","https://openalex.org/W2121749752","https://openalex.org/W2135143063","https://openalex.org/W2162974319","https://openalex.org/W2565378226","https://openalex.org/W2574797807","https://openalex.org/W2590523583","https://openalex.org/W2593383075","https://openalex.org/W2618219509","https://openalex.org/W2746600820","https://openalex.org/W2749572357","https://openalex.org/W2776884785","https://openalex.org/W2798159728","https://openalex.org/W2952171179","https://openalex.org/W2962718684","https://openalex.org/W2962773240","https://openalex.org/W2963062382","https://openalex.org/W2963207607","https://openalex.org/W2963456134","https://openalex.org/W2963834268","https://openalex.org/W2963859254","https://openalex.org/W2964017345","https://openalex.org/W2964253222","https://openalex.org/W2964268978","https://openalex.org/W2964636835","https://openalex.org/W3015481738","https://openalex.org/W3104158743"],"related_works":["https://openalex.org/W3113062381","https://openalex.org/W2799137713","https://openalex.org/W2776884785","https://openalex.org/W3006837754","https://openalex.org/W3012161115","https://openalex.org/W3112370249","https://openalex.org/W199319018","https://openalex.org/W3203077462","https://openalex.org/W2792991556","https://openalex.org/W3210309835","https://openalex.org/W2780484784","https://openalex.org/W3170962599","https://openalex.org/W2963539830","https://openalex.org/W2902612505","https://openalex.org/W3127627101","https://openalex.org/W3000918648","https://openalex.org/W3180933073","https://openalex.org/W3199703676","https://openalex.org/W3199825580","https://openalex.org/W2508644642"],"abstract_inverted_index":{"In":[0,50,65],"this":[1],"paper,":[2],"we":[3],"present":[4],"a":[5,102,185],"generic,":[6],"query-efficient":[7,153,174],"black-box":[8],"attack":[9,56,95,126,159],"against":[10,101],"API":[11,25],"call-based":[12],"machine":[13],"learning":[14],"malware":[15,43,61,80,86,105,182],"classifiers.":[16],"We":[17,92,149],"generate":[18],"adversarial":[19,35],"examples":[20,36],"by":[21,40,78],"modifying":[22],"the":[23,41,47,58,70,75,79,85,94,133,143,167],"malware\u2019s":[24,48],"call":[26],"sequences":[27],"and":[28,33,120,139,155,163],"non-sequential":[29],"features":[30],"(printable":[31],"strings),":[32],"these":[34],"will":[37],"be":[38],"misclassified":[39],"target":[42],"classifier":[44,62,106],"without":[45],"affecting":[46],"functionality.":[49],"contrast":[51],"to":[52],"previous":[53],"studies,":[54],"our":[55,68,158],"minimizes":[57],"number":[59],"of":[60,84,104],"queries":[63,162],"required.":[64],"addition,":[66],"in":[67],"attack,":[69],"attacker":[71,82],"must":[72],"only":[73],"know":[74],"class":[76,146],"predicted":[77,145],"classifier;":[81],"knowledge":[83,165],"classifier\u2019s":[87,134,144],"confidence":[88,135],"score":[89,136],"is":[90,129,137,147],"optional.":[91],"evaluate":[93],"effectiveness":[96],"when":[97,132,141],"attacks":[98,154],"are":[99],"performed":[100],"variety":[103],"architectures,":[107],"including":[108],"recurrent":[109],"neural":[110,115],"network":[111],"(RNN)":[112],"variants,":[113],"deep":[114],"networks,":[116],"support":[117],"vector":[118],"machines,":[119],"gradient":[121],"boosted":[122],"decision":[123],"trees.":[124],"Our":[125],"success":[127],"rate":[128],"around":[130],"98%":[131],"known":[138],"64%":[140],"just":[142],"known.":[148],"implement":[150],"four":[151],"state-of-the-art":[152],"show":[156],"that":[157],"requires":[160],"fewer":[161],"less":[164],"about":[166],"attacked":[168],"model\u2019s":[169],"architecture":[170],"than":[171],"other":[172],"existing":[173],"attacks,":[175],"making":[176],"it":[177],"practical":[178],"for":[179],"attacking":[180],"cloud-based":[181],"classifiers":[183],"at":[184],"minimal":[186],"cost.":[187]},"counts_by_year":[{"year":2021,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}