{"id":"https://openalex.org/W3012161115","doi":"https://doi.org/10.1145/3374664.3375741","title":"Deceiving Portable Executable Malware Classifiers into Targeted Misclassification with Practical Adversarial Examples","display_name":"Deceiving Portable Executable Malware Classifiers into Targeted Misclassification with Practical Adversarial Examples","publication_year":2020,"publication_date":"2020-03-13","ids":{"openalex":"https://openalex.org/W3012161115","doi":"https://doi.org/10.1145/3374664.3375741","mag":"3012161115"},"language":"en","primary_location":{"id":"doi:10.1145/3374664.3375741","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3374664.3375741","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5057787967","display_name":"Yunus Kucuk","orcid":null},"institutions":[{"id":"https://openalex.org/I123946342","display_name":"Binghamton University","ror":"https://ror.org/008rmbt77","country_code":"US","type":"education","lineage":["https://openalex.org/I123946342"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yunus Kucuk","raw_affiliation_strings":["Binghamton University, State University of New York, Binghamton, NY, USA"],"affiliations":[{"raw_affiliation_string":"Binghamton University, State University of New York, Binghamton, NY, USA","institution_ids":["https://openalex.org/I123946342"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029645292","display_name":"Guanhua Yan","orcid":"https://orcid.org/0000-0001-7482-4043"},"institutions":[{"id":"https://openalex.org/I123946342","display_name":"Binghamton University","ror":"https://ror.org/008rmbt77","country_code":"US","type":"education","lineage":["https://openalex.org/I123946342"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Guanhua Yan","raw_affiliation_strings":["Binghamton University, State University of New York, Binghamton, NY, USA"],"affiliations":[{"raw_affiliation_string":"Binghamton University, State University of New York, Binghamton, NY, USA","institution_ids":["https://openalex.org/I123946342"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5057787967"],"corresponding_institution_ids":["https://openalex.org/I123946342"],"apc_list":null,"apc_paid":null,"fwci":1.9699,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.86543779,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"341","last_page":"352"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9911999702453613,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/opcode","display_name":"Opcode","score":0.9879138469696045},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9264284372329712},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8305529356002808},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.7806731462478638},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.7142390608787537},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.658365786075592},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6102704405784607},{"id":"https://openalex.org/keywords/system-call","display_name":"System call","score":0.5470687747001648},{"id":"https://openalex.org/keywords/cryptovirology","display_name":"Cryptovirology","score":0.44438132643699646},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.4180023670196533},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.38733699917793274},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3415912985801697},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17938899993896484}],"concepts":[{"id":"https://openalex.org/C52173422","wikidata":"https://www.wikidata.org/wiki/Q766483","display_name":"Opcode","level":2,"score":0.9879138469696045},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9264284372329712},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8305529356002808},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.7806731462478638},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.7142390608787537},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.658365786075592},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6102704405784607},{"id":"https://openalex.org/C2778579508","wikidata":"https://www.wikidata.org/wiki/Q722192","display_name":"System call","level":2,"score":0.5470687747001648},{"id":"https://openalex.org/C84525096","wikidata":"https://www.wikidata.org/wiki/Q3506050","display_name":"Cryptovirology","level":3,"score":0.44438132643699646},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.4180023670196533},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.38733699917793274},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3415912985801697},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17938899993896484}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3374664.3375741","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3374664.3375741","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7300000190734863,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G3007264278","display_name":null,"funder_award_id":"CNS-1618631","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W9657784","https://openalex.org/W250426404","https://openalex.org/W1482612322","https://openalex.org/W1558357780","https://openalex.org/W1581009051","https://openalex.org/W1943233084","https://openalex.org/W1981221397","https://openalex.org/W2034938003","https://openalex.org/W2038296020","https://openalex.org/W2041130390","https://openalex.org/W2056107175","https://openalex.org/W2072772765","https://openalex.org/W2077278164","https://openalex.org/W2082190528","https://openalex.org/W2083183119","https://openalex.org/W2084979543","https://openalex.org/W2099053789","https://openalex.org/W2110143557","https://openalex.org/W2122672392","https://openalex.org/W2137365926","https://openalex.org/W2141577524","https://openalex.org/W2146950091","https://openalex.org/W2150188172","https://openalex.org/W2163931946","https://openalex.org/W2165357553","https://openalex.org/W2180612164","https://openalex.org/W2243397390","https://openalex.org/W2486441280","https://openalex.org/W2525598640","https://openalex.org/W2573650634","https://openalex.org/W2574797807","https://openalex.org/W2712617220","https://openalex.org/W2744095836","https://openalex.org/W2744097819","https://openalex.org/W2774644650","https://openalex.org/W2775261393","https://openalex.org/W2776884785","https://openalex.org/W2963165251","https://openalex.org/W2963612069","https://openalex.org/W2963777745","https://openalex.org/W2963857521","https://openalex.org/W2964159373","https://openalex.org/W3103836116","https://openalex.org/W4211047985","https://openalex.org/W4214931895","https://openalex.org/W4247464060"],"related_works":["https://openalex.org/W4382794599","https://openalex.org/W2149659470","https://openalex.org/W2079215333","https://openalex.org/W2888879623","https://openalex.org/W2087539092","https://openalex.org/W36091977","https://openalex.org/W2999796443","https://openalex.org/W2903602818","https://openalex.org/W4388157251","https://openalex.org/W3139383759"],"abstract_inverted_index":{"Due":[0],"to":[1,123,150],"voluminous":[2],"malware":[3,15,40,51,65,78,139],"attacks":[4],"in":[5,75,107],"the":[6,67,76,82,85,98,101,158,170,180],"cyberspace,":[7],"machine":[8],"learning":[9],"has":[10],"become":[11],"popular":[12],"for":[13],"automating":[14],"detection":[16],"and":[17,97,179],"classification.":[18],"In":[19],"this":[20],"work":[21],"we":[22,59,147],"play":[23],"devil's":[24],"advocate":[25],"by":[26,91],"investigating":[27],"a":[28,50,115,129,165,174,185],"new":[29],"type":[30],"of":[31,55,57,63,73,87,103,168,177,188],"threats":[32],"aimed":[33],"at":[34],"deceiving":[35],"multi-class":[36],"Portable":[37],"Executable":[38],"(PE)":[39],"classifiers":[41,126],"into":[42,127,132,161],"targeted":[43,162],"misclassification":[44,163],"with":[45,53,119,164,173,184],"practical":[46,152],"adversarial":[47,153],"samples.":[48],"Using":[49,136],"dataset":[52],"tens":[54],"thousands":[56],"samples,":[58],"construct":[60],"three":[61],"types":[62],"PE":[64,93,130],"classifiers,":[66],"first":[68],"one":[69,84,100],"based":[70],"on":[71],"frequencies":[72],"opcodes":[74],"disassembled":[77],"code":[79,143],"(opcode":[80],"classifier),":[81,96],"second":[83],"list":[86,102],"API":[88,171],"functions":[89,122],"imported":[90],"each":[92],"sample":[94,131,140],"(API":[95],"third":[99],"system":[104,181],"calls":[105],"observed":[106],"dynamic":[108],"execution":[109],"(system":[110],"call":[111,182],"classifier).":[112],"We":[113],"develop":[114],"genetic":[116],"algorithm":[117],"augmented":[118],"different":[120],"support":[121],"deceive":[124,157],"these":[125],"misclassifying":[128],"any":[133],"target":[134],"family.":[135],"an":[137],"Rbot":[138],"whose":[141],"source":[142],"is":[144],"publicly":[145],"available,":[146],"are":[148],"able":[149],"create":[151],"samples":[154],"that":[155],"can":[156],"opcode":[159],"classifier":[160,172,183],"successful":[166,175,186],"rate":[167,176,187],"75%,":[169],"83.3%,":[178],"91.7%.":[189]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":6},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}