{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T04:57:35Z","timestamp":1743137855146,"version":"3.40.3"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030630850"},{"type":"electronic","value":"9783030630867"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-63086-7_18","type":"book-chapter","created":{"date-parts":[[2020,12,11]],"date-time":"2020-12-11T08:07:25Z","timestamp":1607674045000},"page":"318-338","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Best-Effort Adversarial Approximation of Black-Box Malware Classifiers"],"prefix":"10.1007","author":[{"given":"Abdullah","family":"Ali","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Birhanu","family":"Eshete","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,12,12]]},"reference":[{"key":"18_CR1","unstructured":"Advanced guide to inception v3 on cloud TPU (2019). https:\/\/cloud.google.com\/tpu\/docs\/inception-v3-advanced"},{"key":"18_CR2","unstructured":"Cnet freeware site (2019). https:\/\/download.cnet.com\/s\/software\/windows\/?licenseType=Free"},{"key":"18_CR3","unstructured":"Virus share (2019). https:\/\/virusshare.com"},{"key":"18_CR4","unstructured":"Virus total (2119). https:\/\/www.virustotal.com\/gui\/home\/upload"},{"key":"18_CR5","doi-asserted-by":"crossref","unstructured":"Al-Dujaili, A., Huang, A., Hemberg, E., O\u2019Reilly, U.: Adversarial deep learning for robust detection of binary encoded malware. In: 2018 IEEE Security and Privacy Workshops, SP Workshops 2018, San Francisco, CA, USA, 24 May 2018, pp. 76\u201382 (2018)","DOI":"10.1109\/SPW.2018.00020"},{"key":"18_CR6","unstructured":"Anderson, H.S., Roth, P.: EMBER: an open dataset for training static PE malware machine learning models. CoRR abs\/1804.04637 (2018)"},{"key":"18_CR7","unstructured":"Biggio, B., et al.: Evasion attacks against machine learning at test time. In: Machine Learning and Knowledge Discovery in Databases - European Conference, ECML PKDD 2013, Prague, Czech Republic, 23\u201327 September 2013, Proceedings, Part III, pp. 387\u2013402 (2013)"},{"key":"18_CR8","unstructured":"Biggio, B., Nelson, B., Laskov, P.: Poisoning attacks against support vector machines. In: Proceedings of the 29th International Conference on Machine Learning, ICML 2012, Edinburgh, Scotland, UK, 26 June \u2013 1 July 2012 (2012)"},{"key":"18_CR9","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1016\/j.patcog.2018.07.023","volume":"84","author":"B Biggio","year":"2018","unstructured":"Biggio, B., Roli, F.: Wild patterns: ten years after the rise of adversarial machine learning. Pattern Recognit. 84, 317\u2013331 (2018)","journal-title":"Pattern Recognit."},{"issue":"1","key":"18_CR10","first-page":"3","volume":"26","author":"A Byrne","year":"2003","unstructured":"Byrne, A., Hilbert, D.R.: Color realism and color science. Cambridge Univ. Press 26(1), 3\u201364 (2003)","journal-title":"Cambridge Univ. Press"},{"key":"18_CR11","unstructured":"Carlini, N., Liu, C., Erlingsson, \u00da., Kos, J., Song, D.: The secret sharer: evaluating and testing unintended memorization in neural networks. In: 28th USENIX Security Symposium, USENIX Security 2019, Santa Clara, CA, USA, 14\u201316 August 2019, pp. 267\u2013284 (2019)"},{"key":"18_CR12","doi-asserted-by":"crossref","unstructured":"Carlini, N., Wagner, D.A.: Towards evaluating the robustness of neural networks. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, 22\u201326 May 2017, pp. 39\u201357 (2017)","DOI":"10.1109\/SP.2017.49"},{"key":"18_CR13","unstructured":"Cortezi, A.: binviz (2019). https:\/\/github.com\/cortesi\/scurve\/blob\/master\/binvis"},{"key":"18_CR14","unstructured":"Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. In: 3rd International Conference on Learning Representations, ICLR 2015, San Diego, CA, USA, 7\u20139 May 2015, Conference Track Proceedings (2015)"},{"issue":"1","key":"18_CR15","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10207-014-0242-0","volume":"14","author":"K Han","year":"2015","unstructured":"Han, K., Lim, J.H., Kang, B., Im, E.G.: Malware analysis using visualized images and entropy graphs. Int. J. Inf. Sec. 14(1), 1\u201314 (2015). https:\/\/doi.org\/10.1007\/s10207-014-0242-0","journal-title":"Int. J. Inf. Sec."},{"key":"18_CR16","unstructured":"Hu, W., Tan, Y.: Generating adversarial malware examples for black-box attacks based on GAN. CoRR abs\/1702.05983 (2017)"},{"key":"18_CR17","unstructured":"Hu, W., Tan, Y.: Black-box attacks against RNN based malware detection algorithms. In: The Workshops of the the Thirty-Second AAAI Conference on Artificial Intelligence, New Orleans, Louisiana, USA, 2\u20137 February 2018, pp. 245\u2013251 (2018)"},{"key":"18_CR18","unstructured":"Jagielski, M., Carlini, N., Berthelot, D., Kurakin, A., Papernot, N.: High accuracy and high fidelity extraction of neural networks (2020)"},{"key":"18_CR19","doi-asserted-by":"crossref","unstructured":"Juuti, M., Szyller, S., Marchal, S., Asokan, N.: PRADA: protecting against DNN model stealing attacks. In: IEEE European Symposium on Security and Privacy, EuroS&P 2019, Stockholm, Sweden, 17\u201319 June 2019, pp. 512\u2013527 (2019)","DOI":"10.1109\/EuroSP.2019.00044"},{"key":"18_CR20","unstructured":"Ke, G., et al.: Lightgbm: a highly efficient gradient boosting decision tree. In: Advances in Neural Information Processing Systems 30: Annual Conference on Neural Information Processing Systems 2017, 4\u20139 December 2017, Long Beach, CA, USA, pp. 3146\u20133154 (2017)"},{"key":"18_CR21","unstructured":"Khormali, A., Abusnaina, A., Chen, S., Nyang, D., Mohaisen, A.: COPYCAT: practical adversarial attacks on visualization-based malware detection. CoRR abs\/1909.09735 (2019)"},{"key":"18_CR22","doi-asserted-by":"crossref","unstructured":"Kolosnjaji, B., et al.: Adversarial malware binaries: evading deep learning for malware detection in executables. In: 26th European Signal Processing Conference, EUSIPCO 2018, Roma, Italy, 3\u20137 September 2018, pp. 533\u2013537 (2018)","DOI":"10.23919\/EUSIPCO.2018.8553214"},{"key":"18_CR23","doi-asserted-by":"crossref","unstructured":"Nataraj, L., Karthikeyan, S., Jacob, G., Manjunath, B.S.: Malware images: visualization and automatic classification. In: Proceedings of the 8th International Symposium on Visualization for Cyber Security, VizSec 2011, pp. 4:1\u20134:7 (2011)","DOI":"10.1145\/2016904.2016908"},{"key":"18_CR24","doi-asserted-by":"crossref","unstructured":"Orekondy, T., Schiele, B., Fritz, M.: Knockoff nets: stealing functionality of black-box models. In: IEEE Conference on Computer Vision and Pattern Recognition, CVPR 2019, Long Beach, CA, USA, 16\u201320 June 2019, pp. 4954\u20134963 (2019)","DOI":"10.1109\/CVPR.2019.00509"},{"key":"18_CR25","unstructured":"Papernot, N., McDaniel, P.D., Goodfellow, I.J.: Transferability in machine learning: from phenomena to black-box attacks using adversarial samples. CoRR abs\/1605.07277 (2016)"},{"key":"18_CR26","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P.D., Goodfellow, I.J., Jha, S., Celik, Z.B., Swami, A.: Practical black-box attacks against deep learning systems using adversarial examples. CoRR abs\/1602.02697 (2016)","DOI":"10.1145\/3052973.3053009"},{"key":"18_CR27","unstructured":"Raff, E., Barker, J., Sylvester, J., Brandon, R., Catanzaro, B., Nicholas, C.K.: Malware detection by eating a whole EXE. In: The Workshops of the the Thirty-Second AAAI Conference on Artificial Intelligence, New Orleans, Louisiana, USA, 2\u20137 February 2018, pp. 268\u2013276 (2018)"},{"key":"18_CR28","doi-asserted-by":"crossref","unstructured":"Reith, R.N., Schneider, T., Tkachenko, O.: Efficiently stealing your machine learning models. In: Proceedings of the 18th ACM Workshop on Privacy in the Electronic Society, WPES@CCS 2019, London, UK, 11 November 2019, pp. 198\u2013210 (2019)","DOI":"10.1145\/3338498.3358646"},{"key":"18_CR29","doi-asserted-by":"crossref","unstructured":"Rosenberg, I., Shabtai, A., Rokach, L., Elovici, Y.: Generic black-box end-to-end attack against state of the art API call based malware classifiers. In: Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Heraklion, Crete, Greece, 10\u201312 September 2018, Proceedings, pp. 490\u2013510 (2018)","DOI":"10.1007\/978-3-030-00470-5_23"},{"issue":"1","key":"18_CR30","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1145\/584091.584093","volume":"5","author":"CE Shannon","year":"2001","unstructured":"Shannon, C.E.: A mathematical theory of communication. Mob. Comput. Commun. Rev. 5(1), 3\u201355 (2001)","journal-title":"Mob. Comput. Commun. Rev."},{"key":"18_CR31","unstructured":"Shokri, R., Stronati, M., Song, C., Shmatikov, V.: Membership inference attacks against machine learning models. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, May 22\u201326, 2017, pp. 3\u201318 (2017)"},{"key":"18_CR32","unstructured":"Suciu, O., Coull, S.E., Johns, J.: Exploring adversarial examples in malware detection. In: 2019 IEEE Security and Privacy Workshops, SP Workshops 2019, San Francisco, CA, USA, May 19\u201323, 2019, pp. 8\u201314 (2019)"},{"key":"18_CR33","unstructured":"Szegedy, C., et al.: Intriguing properties of neural networks. In: 2nd International Conference on Learning Representations, ICLR 2014, Banff, AB, Canada, 14\u201316 April 2014, Conference Track Proceedings (2014)"},{"key":"18_CR34","unstructured":"Tram\u00e8r, F., Zhang, F., Juels, A., Reiter, M.K., Ristenpart, T.: Stealing machine learning models via prediction apis. In: 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, 10\u201312 August 2016, pp. 601\u2013618 (2016)"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-63086-7_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,24]],"date-time":"2021-04-24T21:29:23Z","timestamp":1619299763000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-63086-7_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030630850","9783030630867"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-63086-7_18","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"12 December 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Washington, WA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 October 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/securecomm.eai-conferences.org\/2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Confy","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"120","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"50","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"42% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2,86","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}