Subgraph-Based Adversarial Examples Against Graph-Based IoT Malware Detection Systems

  • Ahmed AbusnainaEmail author
  • Hisham Alasmary
  • Mohammed Abuhamad
  • Saeed Salem
  • DaeHun Nyang
  • Aziz Mohaisen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11917)


Internet of Things (IoT) has become widely adopted in many fields, including industry, social networks, health care, and smart homes, connecting billions of IoT devices through the internet. Understanding and studying IoT malware through analysis using various approaches, such as Control Flow Graph (CFG)-based features and then applying deep learning detection, are widely explored. In this study, we investigate the robustness of such models against adversarial attacks. Our approach crafts the adversarial IoT software using the Subgraph Embedding and Augmentation (SGEA) method that reduces the embedded size required to cause misclassification. Intensive experiments are conducted to evaluate the performance of the proposed method. We observed that SGEA approach is able to misclassify all IoT malware samples as benign by embedding an average size of 6.8 nodes. This highlights that the current detection systems are prone to adversarial examples attacks; thus, there is a need to build more robust systems to detect such manipulated features generated by adversarial examples.


IoT malware detection Adversarial learning Graph embedding 



This work is supported by NRF grant 2016K1A1A2912757, NVIDIA GPU Grant (2018 and 2019), and a Cyber Florida Seed Grant.


  1. 1.
    Antonakakis, M., et al.: Understanding the Mirai Botnet. In: Proceedings of the 26th USENIX Security Symposium, pp. 1093–1110 (2017)Google Scholar
  2. 2.
    Azmoodeh, A., Dehghantanha, A., Choo, K.-K.R.: Robust malware detection for Internet of (Battlefield) Things devices using deep eigenspace learning. IEEE Trans. Sustain. Comput. 4, 88–95 (2019)CrossRefGoogle Scholar
  3. 3.
    Mohaisen, A., Alrawi, O., Mohaisen, M.: AMAL: high-fidelity, behavior-based automated malware analysis and classification. Comput. Secur. 52, 251–266 (2015)CrossRefGoogle Scholar
  4. 4.
    Alasmary, H., et al.: Analyzing and detecting emerging Internet of Things malware: a graph-based approach. IEEE Internet Things J. (2019) Google Scholar
  5. 5.
    Mohaisen, A., Yun, A., Kim, Y.: Measuring the mixing time of social graphs. In: ACM IMC, pp. 383–389 (2010)Google Scholar
  6. 6.
    Mohaisen, A., Hopper, N., Kim, Y.: Keep your friends close: incorporating trust into social network-based Sybil defenses. In: Proceedings of the 30th IEEE International Conference on Computer Communications, INFOCOM, pp. 1943–1951 (2011)Google Scholar
  7. 7.
    Ian, C.S., Goodfellow, J., Shlens, J.: Explaining and harnessing adversarial examples. In: International Conference on Learning Representations, pp. 1–11 (2015)Google Scholar
  8. 8.
    Moosavi-Dezfooli, S., Fawzi, A., Frossard, P.: DeepFool: a simple and accurate method to fool deep neural networks. In: IEEE Conference on Computer Vision and Pattern Recognition, pp. 2574–2582 (2016)Google Scholar
  9. 9.
    Papernot, N., McDaniel, P.D., Jha, S., Fredrikson, M., Celik, Z.B., Swami, A.: The limitations of deep learning in adversarial settings. In: Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P), pp. 372–387 (2016)Google Scholar
  10. 10.
    Grosse, K., Papernot, N., Manoharan, P., Backes, M., McDaniel, P.: Adversarial examples for malware detection. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 62–79. Springer, Cham (2017). Scholar
  11. 11.
    Abusnaina, A., Khormali, A., Alasmary, H., Park, J., Anwar, A., Mohaisen, A.: Adversarial learning attacks on graph-based IoT malware detection systems. In: 39th IEEE International Conference on Distributed Computing Systems, ICDCS (2019)Google Scholar
  12. 12.
    Wüchner, T., Ochoa, M., Pretschner, A.: Robust and effective malware detection through quantitative data flow graph metrics. In: Almgren, M., Gulisano, V., Maggi, F. (eds.) DIMVA 2015. LNCS, vol. 9148, pp. 98–118. Springer, Cham (2015). Scholar
  13. 13.
    Caselden, D., Bazhanyuk, A., Payer, M., McCamant, S., Song, D.: HI-CFG: construction by binary analysis and application to attack polymorphism. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 164–181. Springer, Heidelberg (2013). Scholar
  14. 14.
    Alam, S., Horspool, R.N., Traoré, I., Sogukpinar, I.: A framework for metamorphic malware analysis and real-time detection. Comput. Secur. 48, 212–233 (2015)CrossRefGoogle Scholar
  15. 15.
    Bruschi, D., Martignoni, L., Monga, M.: Detecting self-mutating malware using control-flow graph matching. In: Büschkes, R., Laskov, P. (eds.) DIMVA 2006. LNCS, vol. 4064, pp. 129–143. Springer, Heidelberg (2006). Scholar
  16. 16.
    Yan, J., Jin, D., Yan, G.: Classifying malware represented as control flow graphs using deep graph convolutional neural networks. In: IEEE/IFIP DSN, pp. 1–12 (2019)Google Scholar
  17. 17.
    Antonakakis, M., et al.: From throw-away traffic to bots: Detecting the rise of DGA-based malware. In: Proceedings of the 21th USENIX Security Symposium, pp. 491–506 (2012)Google Scholar
  18. 18.
    Carlini, N., Wagner, D.A.: Towards evaluating the robustness of neural networks. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 39–57 (2017)Google Scholar
  19. 19.
    Khormali, A., Abusnaina, A., Nyang, D., Yuksel, M., Mohaisen, A.: Examining the robustness of learning-based DDoS detection in software defined networks. In: Proceedings of the IEEE Conference on Dependable and Secure Computing, IDSC (2019)Google Scholar
  20. 20.
    Developers, Radare2 (2019).
  21. 21.
    Thoma, M., et al.: Discriminative frequent subgraph mining with optimality guarantees. Stat. Anal. Data Min. 3(5), 302–318 (2010)MathSciNetCrossRefGoogle Scholar
  22. 22.
    Yan, X., Han, J.: gSpan: graph-based substructure pattern mining. In: Proceedings of the 2002 IEEE International Conference on Data Mining, pp. 721–724 (2002)Google Scholar
  23. 23.
    Developers, Cyberiocs (2019).
  24. 24.
    Github (2019).
  25. 25.
    VirusTotal (2019).
  26. 26.
    Sebastián, M., Rivera, R., Kotzias, P., Caballero, J.: AVclass: a tool for massive malware labeling. In: Monrose, F., Dacier, M., Blanc, G., Garcia-Alfaro, J. (eds.) RAID 2016. LNCS, vol. 9854, pp. 230–253. Springer, Cham (2016). Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Ahmed Abusnaina
    • 1
    Email author
  • Hisham Alasmary
    • 1
  • Mohammed Abuhamad
    • 1
    • 2
  • Saeed Salem
    • 3
  • DaeHun Nyang
    • 2
  • Aziz Mohaisen
    • 1
  1. 1.University of Central FloridaOrlandoUSA
  2. 2.Inha UniversityIncheonSouth Korea
  3. 3.North Dakota State UniversityFargoUSA

Personalised recommendations