Cyber Security Seminar by Dr. Sicco Verwer : The Robust Malware Challenge and the GRAMS method

28 January 2020 12:00 till 12:45 - Location: FACULTY EEMCS-BUILDING 28, SOCIAL DATA LAB 0.E.220

I will briefly describe the robust malware challenge (https://sites.google.com/view/advml/advml19-challenge) which we participated in and won past summer. The key task in this challenge was to attack neural network classifiers that have been trained to distinguish malware from benign software using the presence and absence of system calls. A restriction was that we are only allowed to add system calls, effectively turning a 0 into a 1 in a large binary feature vector. We developed a new algorithm called GRAMS for performing such an attack that can also be used for adversarial training of neural networks from such data. GRAMS stands for greedy random adaptive multibit search. It is essentially a greedy bit flipping algorithm with some smart tricks, which we used to win both the attack and defense tracks of the challenge.