Machine learning in the hands of a malicious adversary: A study on ML-driven malware
Chung, Keywhan
Permalink
https://hdl.handle.net/2142/115674
Description
- Title
- Machine learning in the hands of a malicious adversary: A study on ML-driven malware
- Author(s)
- Chung, Keywhan
- Issue Date
- 2022-03-31
- Director of Research (if dissertation) or Advisor (if thesis)
- Iyer, Ravishankar K
- Doctoral Committee Chair(s)
- Iyer, Ravishankar K
- Committee Member(s)
- Kalbarczyk, Zbigniew T
- Nicol, David M
- Bailey, Michael D
- Bates, Adam
- Wang, Gang
- Department of Study
- Electrical & Computer Eng
- Discipline
- Electrical & Computer Engr
- Degree Granting Institution
- University of Illinois at Urbana-Champaign
- Degree Name
- Ph.D.
- Degree Level
- Dissertation
- Keyword(s)
- cyber security
- machine learning
- malware
- Abstract
- Targeted and sophisticated cyber threats are on the rise. To maximize efficiency, attackers spend significant amounts of time preparing attacks (e.g., reconnaissance, weaponization, and exploitation). However, an extended foothold into a system often leaves a trace that a well-prepared security team can use to track the attacker. Furthermore, unlike malware that spreads automatically across systems (even systems that are air-gapped from the public network), targeted attacks were restricted by their need for remote access to the victim system (i.e., so that the attacker can investigate the target system and customize the attack accordingly). In this dissertation, we describe an unforeseen class of threat, ML-driven malware, and demonstrate its impact on variations of critical cyber infrastructure (e.g., a smart building automation system, a medical robot, or a large computing infrastructure). At the early research stage, we showcased two pieces of analytics-driven malware that were machine-controlled but human-driven. By gradually increasing the level of automation, we demonstrated that our malware, substantially independent of the attacker, can autonomously monitor the victim, develop the function to infer an attack strategy, and execute the payload at its most opportune time. In enabling this threat, we deployed an ensemble of learning methods to adapt to the dynamics of the victim system and fine-tune the malware. As a result, our malware achieved its malicious intent of accelerating data exfiltration while remaining under the radar of monitoring systems. Furthermore, we evaluated the impact of the attack payload inferred by the ML-driven malware in either a simulated environment or a testbed running inside a production system. To make things worse, our experiments showed that attackers can alter the learning algorithms to reduce traces introduced by adopting such sophisticated techniques.
With ML-driven malware installed, an attacker might no longer need to maintain a foothold in a target system, but can let malware automatically reconnoiter the victim and internally weaponize the attack while leaving minimal traces. Also, as we demonstrate in variations of critical computing infrastructure, such ML-driven malware can benefit from intelligence collected from other victims, and morph its form and adjust its behavior to fit the details of each victim. No document has yet reported the existence of a real threat with such a capability. However, the results from our research show that it is feasible to implement ML-driven malware that can operate under the radar of a security monitoring system with minimal resource usage, and is self-learning to a significant degree. In addition to demonstrating this new threat, we share our insights on ML-driven malware and its limitations to promote further research on this new problem, and, hence, to be prepared when this becomes a reality.
- Graduation Semester
- 2022-05
- Type of Resource
- Thesis
- Copyright and License Information
- Copyright 2022 Keywhan Chung
Owning Collections
Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at Illinois