{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,12]],"date-time":"2025-07-12T01:04:58Z","timestamp":1752282298720,"version":"3.40.3"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030372309"},{"type":"electronic","value":"9783030372316"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37231-6_22","type":"book-chapter","created":{"date-parts":[[2019,12,10]],"date-time":"2019-12-10T06:02:43Z","timestamp":1575957763000},"page":"380-393","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["On Effectiveness of Adversarial Examples and Defenses for Malware Classification"],"prefix":"10.1007","author":[{"given":"Robert","family":"Podschwadt","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hassan","family":"Takabi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,12,11]]},"reference":[{"key":"22_CR1","unstructured":"Devries, T., Taylor, G.W.: Improved regularization of convolutional neural networks with cutout. CoRR, abs\/1708.04552 (2017)"},{"key":"22_CR2","doi-asserted-by":"crossref","unstructured":"Zagoruyko, S., Komodakis, N.: Wide residual networks. CoRR, abs\/1605.07146 (2016)","DOI":"10.5244\/C.30.87"},{"key":"22_CR3","unstructured":"Raff, E., Barker, J., Sylvester, J., Brandon, R., Catanzaro, B., Nicholas, C.: Malware detection by eating a whole EXE (2017)"},{"issue":"3","key":"22_CR4","doi-asserted-by":"publisher","first-page":"766","DOI":"10.1109\/TCYB.2015.2415032","volume":"46","author":"F Zhang","year":"2016","unstructured":"Zhang, F., Chan, P.P.K., Biggio, B., Yeung, D.S., Roli, F.: Adversarial feature selection against evasion attacks. IEEE Trans. Cybern. 46(3), 766\u2013777 (2016)","journal-title":"IEEE Trans. Cybern."},{"key":"22_CR5","doi-asserted-by":"crossref","unstructured":"Saxe, J., Berlin, K.: Deep neural network based malware detection using two dimensional binary program features. In: 2015 10th International Conference on Malicious and Unwanted Software (MALWARE), pp. 11\u201320, October 2015","DOI":"10.1109\/MALWARE.2015.7413680"},{"key":"22_CR6","unstructured":"Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples (2014)"},{"key":"22_CR7","doi-asserted-by":"crossref","unstructured":"Carlini, N., Wagner, D.A.: Adversarial examples are not easily detected: bypassing ten detection methods. CoRR, abs\/1705.07263 (2017)","DOI":"10.1145\/3128572.3140444"},{"key":"22_CR8","unstructured":"Mohsen Dezfooli, S.M., Fawzi, A., Frossard, P.: DeepFool: a simple and accurate method to fool deep neural networks. CoRR, abs\/1511.04599 (2015)"},{"key":"22_CR9","unstructured":"Kurakin, A., Goodfellow, I.J., Bengio, S.: Adversarial examples in the physical world. CoRR, abs\/1607.02533 (2016)"},{"key":"22_CR10","doi-asserted-by":"crossref","unstructured":"Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.D.: Adversarial perturbations against deep neural networks for malware classification. CoRR, abs\/1606.04435 (2016)","DOI":"10.1109\/SP.2016.41"},{"key":"22_CR11","unstructured":"Chen, S., Xue, M., Fan, L., Hao, S., Xu, L., Zhu, H.: Hardening malware detection systems against cyber maneuvers: an adversarial machine learning approach. CoRR, abs\/1706.04146 (2017)"},{"key":"22_CR12","unstructured":"Biggio, B., Nelson, B., Laskov, P.: Poisoning attacks against support vector machines (2012)"},{"key":"22_CR13","doi-asserted-by":"crossref","unstructured":"Huang, L., Joseph, A.D., Nelson, B., Rubinstein, B.I.P., Tygar, J.D.: Adversarial machine learning. In: Proceedings of the 4th ACM Workshop on Security and Artificial Intelligence, AISec 2011, pp. 43\u201358 (2011)","DOI":"10.1145\/2046684.2046692"},{"key":"22_CR14","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P.D., Goodfellow, I.J., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against deep learning systems using adversarial examples. CoRR, abs\/1602.02697 (2016)","DOI":"10.1145\/3052973.3053009"},{"key":"22_CR15","unstructured":"Szegedy, C., et al.: Intriguing properties of neural networks. CoRR, abs\/1312.6199 (2013)"},{"key":"22_CR16","unstructured":"Su, J., Vargas, D.V., Kouichi, S.: One pixel attack for fooling deep neural networks. arXiv preprint arXiv:1710.08864 (2017)"},{"key":"22_CR17","doi-asserted-by":"crossref","unstructured":"Carlini, N., Wagner, D.A.: Towards evaluating the robustness of neural networks. CoRR, abs\/1608.04644 (2016)","DOI":"10.1109\/SP.2017.49"},{"key":"22_CR18","unstructured":"Carlini, N., Katz, G., Barrett, C., Dill, D.L.: Ground-truth adversarial examples. arXiv preprint arXiv:1709.10207 (2017)"},{"key":"22_CR19","doi-asserted-by":"crossref","unstructured":"Warde-Farley, D., Goodfellow, I.: 11 adversarial perturbations of deep neural networks. In: Perturbations, Optimization, and Statistics, p. 311 (2016)","DOI":"10.7551\/mitpress\/10761.003.0012"},{"key":"22_CR20","doi-asserted-by":"crossref","unstructured":"Arp, D., Spreitzenbarth, M., H\u00fcbner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket (2014)","DOI":"10.14722\/ndss.2014.23247"},{"key":"22_CR21","unstructured":"Dataset malware\/beningn permissions android. https:\/\/www.kaggle.com\/xwolf12\/datasetandroidpermissions\/home"},{"key":"22_CR22","first-page":"2825","volume":"12","author":"F Pedregosa","year":"2011","unstructured":"Pedregosa, F., et al.: Scikit-learn: machine learning in Python. J. Mach. Learn. Res. 12, 2825\u20132830 (2011)","journal-title":"J. Mach. Learn. Res."},{"key":"22_CR23","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P.D., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. CoRR, abs\/1511.07528 (2015)","DOI":"10.1109\/EuroSP.2016.36"},{"key":"22_CR24","doi-asserted-by":"crossref","unstructured":"Stokes, J.W., Wang, D., Marinescu, M., Marino, M., Bussone, B.: Attack and defense of dynamic analysis-based, adversarial neural malware classification models. CoRR, abs\/1712.05919 (2017)","DOI":"10.1109\/MILCOM.2018.8599855"},{"key":"22_CR25","doi-asserted-by":"crossref","unstructured":"Huang, A., Al-Dujaili, A., Hemberg, E., and Una-May O\u2019Reilly: Adversarial deep learning for robust detection of binary encoded malware. CoRR, abs\/1801.02950 (2018)","DOI":"10.1109\/SPW.2018.00020"},{"key":"22_CR26","unstructured":"Hu, W., Tan, Y.: Generating adversarial malware examples for black-box attacks based on GAN. CoRR, abs\/1702.05983 (2017)"},{"key":"22_CR27","unstructured":"Goodfellow, I.J., et al.: Generative adversarial nets. In: Advances in Neural Information Processing Systems 27: Annual Conference on Neural Information Processing Systems 2014, Montreal, Quebec, Canada, 8\u201313 December 2014, pp. 2672\u20132680 (2014)"},{"key":"22_CR28","unstructured":"Arjovsky, M., Chintala, S., Bottou, L.: Wasserstein GAN (2017)"},{"key":"22_CR29","unstructured":"Gulrajani, I., Ahmed, F., Arjovsky, M., Dumoulin, V., Courville, A.C.: Improved training of wasserstein GANs. CoRR, abs\/1704.00028 (2017)"},{"key":"22_CR30","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P.D., Wu, X., Jha, S., Swami, A.: Distillation as a defense to adversarial perturbations against deep neural networks. CoRR, abs\/1511.04508 (2015)","DOI":"10.1109\/SP.2016.41"},{"key":"22_CR31","unstructured":"Kurakin, A., Goodfellow, I.J., Bengio, S.: Adversarial machine learning at scale. CoRR, abs\/1611.01236 (2016)"},{"key":"22_CR32","unstructured":"Tram\u00e8r, F., Kurakin, A., Papernot, N., Boneh, D., McDaniel, P.: Ensemble adversarial training: attacks and defenses (2017)"},{"key":"22_CR33","doi-asserted-by":"crossref","unstructured":"Rosenberg, I., Shabtai, A., Rokach, L., Elovici, Y.: Generic black-box end-to-end attack against RNNs and other API calls based malware classifiers. CoRR, abs\/1707.05970 (2017)","DOI":"10.1007\/978-3-030-00470-5_23"},{"key":"22_CR34","unstructured":"Wang, Q., Guo, W., Zhang, K., Xing, X., Giles, C.L., Liu, X.: Random feature nullification for adversary resistant deep architecture. CoRR, abs\/1610.01239 (2016)"},{"key":"22_CR35","unstructured":"Yuan, X., He, P., Zhu, Q., Bhat, R.R., Li, X.: Adversarial examples: attacks and defenses for deep learning. CoRR, abs\/1712.07107 (2017)"},{"key":"22_CR36","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P.D., Swami, A., Harang, R.E.: Crafting adversarial input sequences for recurrent neural networks. CoRR, abs\/1604.08275 (2016)","DOI":"10.1109\/MILCOM.2016.7795300"},{"key":"22_CR37","unstructured":"Hu, W., Tan, Y.: Black-box attacks against RNN based malware detection algorithms. CoRR, abs\/1705.08131 (2017)"},{"key":"22_CR38","doi-asserted-by":"crossref","unstructured":"Chen, L., Hou, S., Ye, Y.: Securedroid: enhancing security of machine learning-based detection against adversarial android malware attacks. In: Proceedings of the 33rd Annual Computer Security Applications Conference, ACSAC 2017, pp. 362\u2013372. ACM, New York, NY, USA (2017)","DOI":"10.1145\/3134600.3134636"},{"key":"22_CR39","doi-asserted-by":"crossref","unstructured":"Yang, W., Kong, D., Xie, T., Gunter, C.A.: Malware detection in adversarial settings: exploiting feature evolutions and confusions in android apps. In: Proceedings of the 33rd Annual Computer Security Applications Conference, ACSAC 2017, pp. 288\u2013302. ACM, New York, NY, USA (2017)","DOI":"10.1145\/3134600.3134642"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37231-6_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,23]],"date-time":"2023-09-23T20:31:13Z","timestamp":1695501073000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37231-6_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372309","9783030372316"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37231-6_22","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"11 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}