EaTVul: ChatGPT-based Evasion Attack Against Software Vulnerability Detection

• URL: http://arxiv.org/abs/2407.19216v1
• Date: Sat, 27 Jul 2024 09:04:54 GMT
• Title: EaTVul: ChatGPT-based Evasion Attack Against Software Vulnerability Detection
• Authors: Shigang Liu, Di Cao, Junae Kim, Tamas Abraham, Paul Montague, Seyit Camtepe, Jun Zhang, Yang Xiang,
• Abstract summary: Adversarial examples can exploit vulnerabilities within deep neural networks. This study showcases the susceptibility of deep learning models to adversarial attacks, which can achieve 100% attack success rate.
• Score: 19.885698402507145
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Recently, deep learning has demonstrated promising results in enhancing the accuracy of vulnerability detection and identifying vulnerabilities in software. However, these techniques are still vulnerable to attacks. Adversarial examples can exploit vulnerabilities within deep neural networks, posing a significant threat to system security. This study showcases the susceptibility of deep learning models to adversarial attacks, which can achieve 100% attack success rate (refer to Table 5). The proposed method, EaTVul, encompasses six stages: identification of important samples using support vector machines, identification of important features using the attention mechanism, generation of adversarial data based on these features using ChatGPT, preparation of an adversarial attack pool, selection of seed data using a fuzzy genetic algorithm, and the execution of an evasion attack. Extensive experiments demonstrate the effectiveness of EaTVul, achieving an attack success rate of more than 83% when the snippet size is greater than 2. Furthermore, in most cases with a snippet size of 4, EaTVul achieves a 100% attack success rate. The findings of this research emphasize the necessity of robust defenses against adversarial attacks in software vulnerability detection.

Related papers

• Slot: Provenance-Driven APT Detection through Graph Reinforcement Learning [26.403625710805418]
  Advanced Persistent Threats (APTs) represent sophisticated cyberattacks characterized by their ability to remain undetected for extended periods. We propose Slot, an advanced APT detection approach based on provenance graphs and graph reinforcement learning. We show Slot's outstanding accuracy, efficiency, adaptability, and robustness in APT detection, with most metrics surpassing state-of-the-art methods.
  arXiv  Detail & Related papers  (2024-10-23T14:28:32Z)
• Efficient Backdoor Defense in Multimodal Contrastive Learning: A Token-Level Unlearning Method for Mitigating Threats [52.94388672185062]
  We propose an efficient defense mechanism against backdoor threats using a concept known as machine unlearning. This entails strategically creating a small set of poisoned samples to aid the model's rapid unlearning of backdoor vulnerabilities. In the backdoor unlearning process, we present a novel token-based portion unlearning training regime.
  arXiv  Detail & Related papers  (2024-09-29T02:55:38Z)
• A Comparative Study of Watering Hole Attack Detection Using Supervised Neural Network [0.0]
  This study explores the nefarious tactic known as "watering hole attacks using supervised neural networks to detect and prevent these attacks. The neural network identifies patterns in website behavior and network traffic associated with such attacks. In terms of prevention, the model successfully stops 95% of attacks, providing robust user protection.
  arXiv  Detail & Related papers  (2023-11-25T13:30:03Z)
• Investigating Human-Identifiable Features Hidden in Adversarial Perturbations [54.39726653562144]
  Our study explores up to five attack algorithms across three datasets. We identify human-identifiable features in adversarial perturbations. Using pixel-level annotations, we extract such features and demonstrate their ability to compromise target models.
  arXiv  Detail & Related papers  (2023-09-28T22:31:29Z)
• Unveiling Vulnerabilities in Interpretable Deep Learning Systems with Query-Efficient Black-box Attacks [16.13790238416691]
  Interpretable Deep Learning Systems (IDLSes) are designed to make the system more transparent and explainable. We propose a novel microbial genetic algorithm-based black-box attack against IDLSes that requires no prior knowledge of the target model and its interpretation model.
  arXiv  Detail & Related papers  (2023-07-21T21:09:54Z)
• Illusory Attacks: Information-Theoretic Detectability Matters in Adversarial Attacks [76.35478518372692]
  We introduce epsilon-illusory, a novel form of adversarial attack on sequential decision-makers. Compared to existing attacks, we empirically find epsilon-illusory to be significantly harder to detect with automated methods. Our findings suggest the need for better anomaly detectors, as well as effective hardware- and system-level defenses.
  arXiv  Detail & Related papers  (2022-07-20T19:49:09Z)
• RobustSense: Defending Adversarial Attack for Secure Device-Free Human Activity Recognition [37.387265457439476]
  We propose a novel learning framework, RobustSense, to defend common adversarial attacks. Our method works well on wireless human activity recognition and person identification systems.
  arXiv  Detail & Related papers  (2022-04-04T15:06:03Z)
• Certifiers Make Neural Networks Vulnerable to Availability Attacks [70.69104148250614]
  We show for the first time that fallback strategies can be deliberately triggered by an adversary. In addition to naturally occurring abstains for some inputs and perturbations, the adversary can use training-time attacks to deliberately trigger the fallback. We design two novel availability attacks, which show the practical relevance of these threats.
  arXiv  Detail & Related papers  (2021-08-25T15:49:10Z)
• Learning and Certification under Instance-targeted Poisoning [49.55596073963654]
  We study PAC learnability and certification under instance-targeted poisoning attacks. We show that when the budget of the adversary scales sublinearly with the sample complexity, PAC learnability and certification are achievable. We empirically study the robustness of K nearest neighbour, logistic regression, multi-layer perceptron, and convolutional neural network on real data sets.
  arXiv  Detail & Related papers  (2021-05-18T17:48:15Z)
• Adversarial defense for automatic speaker verification by cascaded self-supervised learning models [101.42920161993455]
  More and more malicious attackers attempt to launch adversarial attacks at automatic speaker verification (ASV) systems. We propose a standard and attack-agnostic method based on cascaded self-supervised learning models to purify the adversarial perturbations. Experimental results demonstrate that the proposed method achieves effective defense performance and can successfully counter adversarial attacks.
  arXiv  Detail & Related papers  (2021-02-14T01:56:43Z)
• Early detection of the advanced persistent threat attack using performance analysis of deep learning [0.0]
  Advanced Persistent Threat (APT)-attack is one of the most common and important destructive attacks on the victim system. One of the solutions to detect a secret APT attack is using network traffic. In this study, machine learning methods such as C5.0 decision tree, Bayesian network and deep neural network are used for timely detection and classification of APT-attacks.
  arXiv  Detail & Related papers  (2020-09-19T19:27:35Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.