

{"id":1681,"date":"2024-02-12T19:16:05","date_gmt":"2024-02-12T18:16:05","guid":{"rendered":"https:\/\/pepr-defmal.loria.fr\/?page_id=1681"},"modified":"2024-07-10T10:50:15","modified_gmt":"2024-07-10T08:50:15","slug":"iamalwares","status":"publish","type":"page","link":"https:\/\/pepr-defmal.loria.fr\/fr\/iamalwares\/","title":{"rendered":"IA &#038; Malware Workshop"},"content":{"rendered":"<div class=\"wp-block-media-text alignwide\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" src=\"https:\/\/mcusercontent.com\/ec01169c85185ddaa7a05a6a8\/_compresseds\/b6c6a2dc-b27f-f0ff-d04c-c076b7961c50.jpg\" alt=\"\"\/><\/figure><div class=\"wp-block-media-text__content\">\n<p>\nThe Inria PIRAT project team is planning a workshop \u2018IA&amp;Malware\u2019 hosted by <strong>CentraleSupelec Rennes Campus on Tuesday, March 19, 2024. <\/strong><\/p>\n<\/div><\/div>\n\n\n\n<p> This venue, funded by the targeted <a rel=\"noreferrer noopener\" href=\"https:\/\/us6.mailchimp.com\/mctx\/clicks?url=https%3A%2F%2Fpepr-defmal.loria.fr%2Ffr%2F&amp;xid=6159df604a&amp;uid=160851494&amp;iid=694f9fd931&amp;pool=cts&amp;v=2&amp;c=1707895513&amp;h=eb82265cc5cfe7e9c4a3f487686e09a4a72bd4cb22a6d7e7dc67d21d3f5f6aaf\" target=\"_blank\">PEPR Cybersecurity project &#8211; DefMal <\/a>, spans one day and is specifically dedicated to PhD students and post-doctoral researchers with a focus on <strong>AI applications in malware analysis.<\/strong>  We extend a warm invitation to senior researchers in this domain to  participate and contribute their advancements. 
The workshop encompasses a  wide range of research topics, including but not limited to: AI-based malware detection.\u00a0<\/p>\n\n\n\n<p style=\"text-align:center\"><strong>AI&amp;Malware Workshop<\/strong>  \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/p>\n\n\n\n<p style=\"text-align:center\">Tuesday, March 19, 10 am to 4pm &#8211; Room 151,  CentraleSupelec, Rennes <br> Remote attending link: https:\/\/bbb.inria.fr\/han-rea-stk-bpr   \u00a0  <\/p>\n\n\n\n<p>10:00-10:10 <strong>Flashing welcome talk<\/strong>\n<\/p>\n\n\n\n<p>10:10-10:35 <strong>Active Learning for\nBotnet Campaign Attribution<\/strong> <\/p>\n\n\n\n<p><strong>Speaker<\/strong>: H\u00e9l\u00e8ne Orsini, PhD student at INRIA PIRAT\nteam <\/p>\n\n\n\n<p><strong>Abstract<\/strong>: Network attack attribution is crucial for\nidentifying malicious actors, understanding attack campaigns, and implementing\npreemptive measures. Traditional machine learning approaches face challenges\nsuch as labor-intensive campaign annotation, imbalanced attack data\ndistribution, and evolving attack patterns causing concept drift. To address\nthese challenges, we propose DYNAMO, a novel weakly supervised and\nhuman-in-the-loop machine learning framework for automated network attack\nattribution using raw network traffic records. DYNAMO integrates\nself-supervised learning and density-aware active learning techniques to reduce\nthe overhead of exhaustive annotation, querying human analysts to label only a\nfew selected highly representative network traffic samples. This approach\nensures comprehensive and balanced training data coverage, overcoming imbalanced\nattack data distribution. 
Our experiments on the CTU-13 dataset demonstrate\nthat annotating less than 3% of the records achieves attribution accuracy\ncomparable to fully supervised approaches with twice as many labeled records.\nMoreover, compared to classic active learning and semi-supervised techniques,\nDYNAMO achieves 20% higher attribution accuracy and nearly perfect detection\naccuracy for unknown botnet campaigns with minimal annotations.<\/p>\n\n\n\n<p><strong>Bio<\/strong>: H\u00e9l\u00e8ne Orsini is a 3-year PhD student in\nCybersecurity and AI at Inria PIRAT team. She primarily focuses on using AI\ntechniques to analyze the behavior of botnet campaigns. <\/p>\n\n\n\n<p>10:35-11:00 <strong>CROISSANT: malware\nbehavioral clustering based on ontological pattern signatures<\/strong><\/p>\n\n\n\n<p><strong>Speaker<\/strong>: Vincent Raulin, PhD student at INRIA PIRAT\nteam<\/p>\n\n\n\n<p><strong>Abstract<\/strong>: Malware analysis consists of studying a\nsample of suspicious code to understand it and producing a representation or\nexplanation of this code that can be used by a human expert or a\nclustering\/classification\/detection tool. Most detection tools including\nanti-viruses are based on static signatures, meaning that they look for\nspecific already-seen patterns in samples. Static analysis can be avoided by\nthe attacker using obfuscation or dynamic code-loading techniques and performs\npoorly on zero-day malware. Dynamic analysis studies the malware&rsquo;s behavior:\nthe question is then to decide whether an observed behavior is malicious or\nnot. We introduce a new method of performing malware analysis named CROISSANT:\na behavioral clustering system that groups malware samples that show similar\nbehaviors and provides dynamic explainable signatures based on the BAGUETTE\nontology.<\/p>\n\n\n\n<p><strong>Bio: <\/strong>Vincent Raulin is a 3<sup>rd<\/sup> year\nPhD student of PIRAT team. 
His research interests include explainable malware\nclustering and graph-structured representation of malware behavioral reports. He\nis also the author of the open-sourced tool Baguette for encoding malware\nbehavioral reports into graph-structured representations to facilitate malware\nbehavior explanation and similarity matching: https:\/\/gitlab.inria.fr\/vraulin\/baguette-verse.<\/p>\n\n\n\n<p>11:00-11:10 <strong>Coffee break<\/strong><\/p>\n\n\n\n<p>11:10-12:10 <strong>Invited talk:\nFeatures Analysis of Threats in Microprocessors: Detection &amp; Mitigation\nTechniques<\/strong> <\/p>\n\n\n\n<p><strong>Speaker<\/strong>: Dr. Alessandro Palumbo, Associate Professor,\nINRIA SUSHI team, CentraleSupelec, Rennes Campus<\/p>\n\n\n\n<p><strong>Abstract<\/strong>: Software-exploitable Hardware Trojan Horses\ncan be inserted into Microprocessors allowing attackers to run their own\nsoftware or to gain unauthorized privileges. On the other hand, observing some\nfeatures of the Microprocessor (apparently unrelated to its program run), a\nmalicious user may gain information to steal secrets and private data. As a\nconsequence, the devices that are built in safe foundries could also be\nattacked. Implementing&nbsp;Hardware Security Modules&nbsp;that look at the\nruntime Microprocessor behavior is a new approach&nbsp;to\ndetecting&nbsp;whether attacks are running.<\/p>\n\n\n\n<p>Why do we need hardware modules to\nprotect against attacks? Aren\u2019t software solutions enough? It\u2019s extremely\nchallenging for software to protect from vulnerabilities close to hardware;\nHardware Security Modules operate at the circuit level. Consequently, they are\nwell-suited to detect and defend against low-level attacks.<\/p>\n\n\n\n<p><strong>Bio<\/strong>: Alessandro Palumbo is an Associate Professor\nat CentraleSup\u00e9lec, Universit\u00e9 Paris-Saclay, and an Associate Researcher at\nUniversity of Rennes, CNRS, IRISA, France IRISA Lab, Inria. 
He received a Ph.D.\nin Electronics Engineering in 2022 at the university of Tor Vergata for his\nresearch titled \u201cFeatures Analysis of Microarchitectural Attacks and Hardware\nTrojans in Microprocessors: Detection &amp; Mitigation Techniques.\u201d He took a\nmaster\u2019s degree in Electronics Engineering for Telecommunications and\nMultimedia at the same university, where he also received his bachelor\u2019s degree\nin Electronics Engineering. In 2022\/2023 A.Y., he was an Assistant Researcher\nat Politecnico di Milano. There, his research activity was titled \u201cDesign of\nIntegrated Circuits for High-Security Primitive of In-Memory Computing.\u201d His\nresearch focus is Hardware Security. In particular, his interests include\nhardware acceleration of networking functions and CPU microarchitectures, with\nparticular emphasis on Machine Learning techniques and Probabilistic Data\nStructures to guarantee security and reliability in microprocessor-based\nsystems in both FPGA and In-Memory Computing scenarios. More information\nhere:&nbsp;<a href=\"https:\/\/palessumbo.github.io\/\">https:\/\/palessumbo.github.io\/<\/a><\/p>\n\n\n\n<p><strong>Lunch break offered<\/strong><\/p>\n\n\n\n<p>13:35 \u2013 14:00 <strong>Defensive\nRandomization Against Adversarial Attacks in Image-Based Android Malware\nDetection<\/strong><\/p>\n\n\n\n<p><strong>Speaker<\/strong>: Tianwei Lan, PhD student of Universit\u00e9 Paris\nCit\u00e9. <\/p>\n\n\n\n<p><strong>Abstract<\/strong>: The extensive popularity of Android operating\nsystem hones the increased malware attacks and threatens the Android ecosystem.\nMachine learning is one of the versatile tools to detect legacy and new malware\nwith high accuracy. 
However, these Machine Learning (ML) models are vulnerable\nto adversarial attacks, which severely threaten their cybersecurity deployment.\nTo combat the deterrence of ML models against adversarial attacks, we propose a\nnovel randomization method as a defense for image-based detection systems. In\naddition to defensive randomization, the paper also introduces a novel method,\ncalled AutoE, for transforming an APK to an image by leveraging API calls only.\nTo evaluate the effectiveness of randomization as a defense against adversarial\nsettings, we compare our AutoE with two state-of-the-art image-based Android\nmalware detection systems. The experimental results reveal that the\nrandomization is a strong defensive hood for image-based Android malware\ndetection systems against adversarial attacks. Moreover, our novel AutoE\ndetects malware with 96% accuracy and the randomization approach makes it\nharder against adversarial attacks.<\/p>\n\n\n\n<p><strong>Bio<\/strong>: Tianwei Lan received the French engineering\ndegree in electrical engineering from INSA Lyon (France), and the M.Sc. degree\nin artificial intelligence from Sorbonne University (France). He is currently\npursuing the Ph.D. degree with Universit\u00e9 Paris Cit\u00e9 (France). His research\ninterests include machine learning, security, and malware detection.<\/p>\n\n\n\n<p>14:00 \u2013 15:00 <strong>Invited talk:\nPentesting Windows malware detectors with Adversarial EXEmples<\/strong> (co-hosted\nwith the webinar of DefMal)<\/p>\n\n\n\n<p><strong>Speaker<\/strong>: Dr. Luca Demetrio, Assistant Professor at\nUniversity of Genoa <\/p>\n\n\n\n<p><strong>Abstract<\/strong>: Machine learning for malware detection has\nreceived a great boost in popularity, given its inhuman performances with\nextremely low numbers of false alarms, compared to static signatures, which are\nunable to cope with all the possible variants. 
However, recent research shows\nthat these techniques are not bullet-proof since they are vulnerable to\nAdversarial EXEmples, carefully-crafted malware samples optimised to bypass\ndetection.<\/p>\n\n\n\n<p>These are implemented through\nmanipulations that preserve the original functionality, and their generation\ncan be easily automated and targeted against both machine learning models and\ncommercially-available antivirus programs. Hence, in this talk, we will provide\ninsights on how to properly formulate these novel threats, and how they can be\nused to test malware detectors. Thanks to cutting-edge advancements, we will\nalso share details on possible defenses and mitigations against Adversarial\nEXEmples, and we will close by highlighting limitations and possible future\ndirections to improve this novel research field.<\/p>\n\n\n\n<p><strong>Bio<\/strong>: Luca Demetrio is Assistant Professor at the\nUniversity of Genoa, and he received his Ph.D. in 2021. His research focuses on\nassessing the security of machine learning threat detectors, with a strong\nfocus on Windows malware. He is first author on several papers on the topic, and\nhe is maintainer of SecML Malware (<a href=\"https:\/\/github.com\/pralab\/secml_malware\">https:\/\/github.com\/pralab\/secml_malware<\/a>) which automates the generation of\nadversarial EXEmples. He has been awarded an honourable mention by the\n\u201cGruppo 2003\u201d for young researchers in 2023 for his contribution on the topic,\nand he is reviewer for top-tier conferences like USENIX and ICLR. 
Also, he took\npart in industrial conferences like TROOPERS, and, together with other people,\nhe will also deliver a training at BlackHat 2024 covering machine learning for\nmalware detection and pentesting techniques with EXEmples.<\/p>\n\n\n\n<p>15:00 \u2013 15:10 <strong>Coffee break<\/strong> <\/p>\n\n\n\n<p>15:10-15:35 <strong>Inducing systematic\ntargeted mismatches to ML-based binary function classifiers<\/strong><\/p>\n\n\n\n<p><strong>Speaker<\/strong>: Gabriel Sauger, PhD student of CARBONE team at LORIA. <\/p>\n\n\n\n<p><strong>Abstract<\/strong>: Machine learning has become prominent in\nsolutions to the problem of binary function code classification. The goal is,\ngiven an unknown function binary code, to be able to recognize it, given a\ndatabase or known patterns. Many classifiers have been published, using static\nanalysis extracted features, and show extremely good performances on their\nbenchmarks, being able to recognize functions through compilation optimization\noptions, target architectures, versions of the compiler or project, and even\nobfuscations. However, our work has shown that with carefully crafted\nmodifications to the source code and the compiled assembly code of a function\np, we are able, under selected function size conditions, to have the function\np be misclassified as a target function t in more than 50%, up to 80% depending\non the defender&rsquo;s classifier. We achieve this without having to query the defender&rsquo;s\nclassifier.<br>\nThis raises questions about the relevance of the features that are currently\ncommonly selected to identify the semantics of function binary code in the\nliterature, and the performances of those models in the context of an attack.<\/p>\n\n\n\n<p><strong>Bio<\/strong>: Gabriel Sauger is a fourth-year PhD student under the supervision of Jean-Yves Marion. 
I first built a static disassembler with a code classification module using Capstone, that gave me some insight on the related literature, that brought me to the current work I&rsquo;m doing.<br> I have a general civil engineer formation at les Mines de Nancy, specialized in mathematics.<\/p>\n\n\n\n<p>15:35-16:00 <strong>Summary talk<\/strong> <\/p>\n\n\n\n<p>Please contact Dr. Yufei Han <a rel=\"noreferrer noopener\" href=\"mailto:yufei.han@inria\" target=\"_blank\">yufei.han@inria<\/a> for more information \/ registration to the workshop. <\/p>","protected":false},"excerpt":{"rendered":"<p>The Inria PIRAT project team is planning a workshop \u2018IA&amp;Malware\u2019 hosted by CentraleSupelec Rennes Campus on Tuesday, March 19, 2024. This venue, funded by the targeted PEPR Cybersecurity project &#8211; DefMal , spans one day and is specifically dedicated to PhD students and post-doctoral researchers with a focus on AI\u2026<\/p>\n<p> <a class=\"continue-reading-link\" href=\"https:\/\/pepr-defmal.loria.fr\/fr\/iamalwares\/\"><span>read more<\/span><i class=\"crycon-right-dir\"><\/i><\/a> 
<\/p>\n","protected":false},"author":1990,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1681","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/pages\/1681","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/users\/1990"}],"replies":[{"embeddable":true,"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/comments?post=1681"}],"version-history":[{"count":7,"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/pages\/1681\/revisions"}],"predecessor-version":[{"id":1810,"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/pages\/1681\/revisions\/1810"}],"wp:attachment":[{"href":"https:\/\/pepr-defmal.loria.fr\/fr\/wp-json\/wp\/v2\/media?parent=1681"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}