Adversarial Example Attacks Against Artificial Intelligence Based Detection Algorithm

In recent years,artificial intelligence-based(AI)detection algorithms have been widely used in the field of network security.The APPDRRUT network security architecture model proposed by Academician Fang Binxing divides network security into 8 dimensions:security analysis,security strategy,protection,detection,response,recovery,unified threat management,and trusted computing.Dimensions such as detection have the participation of AI.It can be seen that AI is extremely important to network security.However,even though AI performs well in the classification of anomalies,there are still researchers who have discovered its vulnerabilities.The adversarial example attack is a new type of attack against AI models.The concept of adversarial examples was first proposed by Szegedy et al.Its definition is to deliberately add some undetectable subtle interference to the input examples,causing the model to give a wrong output with high confidence.Applying adversarial example attacks to AI detection algorithms allows the model to classify malicious examples as benign examples,which can make malwares evade AI detection.This paper studies the adversarial example attack from the perspectives of malware command and control(C&C or C2)and smart contract honeypots.The C2 of malware poses a serious threat to national security.With the rapid popularization of the TLS protocol,malware has shown a trend of encryption,and the encryption of communication content has further increased the difficulty of detection.This paper proposes a malware traffic camouflaging framework named StealthyFlow.It combines public resource-based malware that uses encrypted traffic for C2 with generative adversarial networks(GAN).The framework disguises malicious traffic without affecting the attack function,and constructing adversarial examples,aiming to achieve indistinguishability between adversarial examples and benign traffic,and finally bypasses classifiers based on machine learning algorithms.StealthyFlow has the following advantages.First,it can realize dynamic disguise by dynamically adjusting the adversarial flow according to the change of the target flow.Second,disguise is carried out at the level of malware to ensure that the attack function is not destroyed.Third,we can bypass the target without participating in the training process to ensure that the malware will not be exposed in advance.Experimental result shows that the adversarial traffic generated by StealthyFlow is extremely similar to benign traffic,and the machine learning classifier can be bypassed in a non-cooperative environment.A smart contract honeypot is a special type of smart contract.This type of contract seems to have obvious vulnerabilities in contract design.If a user transfers a certain amount of funds to the contract,then the user can withdraw the funds in the contract.However,once users try to take advantage of this seemingly obvious vulnerability,they will fall into a real trap.Consequently,the user's investment in the contract cannot be retrieved.The honeypot induces other accounts to launch funds,which seriously threatens the security of property on the blockchain.Detection methods for honeypots are available.However,studying the manner by which to defend existing honeypots is insufficient to fight against honeypots.The new honeypots that may appear in the future from the perspective of the attacker must also be predicted.Therefore,we propose a type of adversarial honeypot.The code features and behavioral features of honeypots are obtained through a comparative analysis of the 158,568 non-honeypots and 352 honeypots.To build an adversarial honeypot,we try to separately hide their features and make the honeypot bypass the existing detection technology.We construct 18 instances on the basis of the proposed adversarial honeypot and use an open-source honeypot detection tool to detect these instances.The experimental result shows that the proposed honeypot can bypass the detection tool with a 100%ratio.In the two scenarios of malware C2 and smart contract honeypots,adversarial example attacks can successfully counter AI detection algorithms,which put forward higher requirements for defense.In view of the above two scenarios,we propose defense countermeasures respectively.