| In recent years,organization identification of APT malware has become an important security defense technique.To effectively counter APT attacks,the captured PE malware can be classified for organizational traceability to trace the attackers and develop defensive measures.Most of the existing APT malware organization identification methods use machine learning models,require extensive feature engineering efforts,and do not consider the vulnerability of the models.To alleviate these problems,this paper investigates the end-to-end effectiveness of APT malware organization identification and robustness against attacks,with the following main work.(1)Propose an end-to-end organization identification technique APTE2E: using an end-to-end neural network model to directly process the bytecode of APT malware samples,achieving over 92% identification accuracy on both public and self-built datasets.(2)Propose a sample obfuscation and model gradient-based adversarial attack method: the transformation of APT samples employs UPX shelling obfuscation,four file location-based obfuscation insertion,and model gradient-based obfuscated content generation.The minimum Euclidean distance between word vector matrix rows and word embeddings in the embedding layer is used to reconstruct adversarial sample byte segments in the problem space of APT samples.Experiments on public and self-built datasets show that the attack method can cause a significant decrease in the recognition accuracy of APTE2 E.(3)A robust organization identification technique based on contrastive learning,RAM-A(Robust APT Malware Attribution),which is currently the most robust end-to-end organization recognition technique against adversarial attacks: the RAMA technique framework consists of three modules: adversarial training module,contrastive learning module,and KL divergence module.To enhance the ability of recognition models to resist adversarial samples,RAMA learns the knowledge of both adversarial and clean samples through adversarial training module;and explicitly closes the representational distance between adversarial and clean samples through sample representational-level contrast learning module and KL divergence module.Experimental results on public and self-built datasets show that under the APT adversarial sample attack generated by the method in(2),the RAMA technique obtains a significant robustness increase at the cost of a slight effectiveness decrease compared with the APTE2 E technique;and the RAMA technique has better adversarial robustness and better recognition results compared with the traditional adversarial training-based organization recognition technique.In addition,this paper conducts model ablation experiments and optimal parameters exploration for RAMA technique.In conclusion,for the organization identification problem of APT malware samples,this paper first investigates the end-to-end organization identification technique and the adversarial attack method against it,and then proposes a robust end-to-end organization identification technique that can resist the aforementioned attacks. |
PDF Full Text Request