We use cookies to improve your experience on our site.
AVID-2023-V001
Description
Evasion of Deep Learning Detector for Malware C&C Traffic
Details
The Palo Alto Networks Security AI research team tested a deep learning model for malware command and control (C&C) traffic detection in HTTP traffic. Based on the publicly available paper by Le et al., we built a model that was trained on a similar dataset as our production model and had similar performance. Then we crafted adversarial samples, queried the model, and adjusted the adversarial sample accordingly until the model was evaded.
References
- Evasion of Deep Learning Detector for Malware C&C Traffic
- Le, Hung, et al. “URLNet: Learning a URL representation with deep learning for malicious URL detection.” arXiv preprint arXiv:1802.03162 (2018).
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0403: Adversarial Example
- Lifecycle stages: L02: Data Understanding, L06: Deployment
Affected or Relevant Artifacts
- Developer:
- Deployer: Palo Alto Networks malware detection system
- Artifact Details:
Type Name System Palo Alto Networks malware detection system
Other information
- Vulnerability Class: ATLAS Case Study
- Date Published: 2023-03-31
- Date Last Modified: 2023-03-31
- Version: 0.2
- AVID Entry