Method and apparatus for analyzing vulnerability of malicious file detection model
The method addresses the challenge of analyzing vulnerabilities in malicious file detection models by performing targeted attacks and generating reports, enhancing the models' defenses against evolving threats.
Patent Information
- Authority / Receiving Office
- WO · WO
- Patent Type
- Applications
- Current Assignee / Owner
- FOUND OF SOONGSIL UNIV IND COOP
- Filing Date
- 2025-03-28
- Publication Date
- 2026-07-16
AI Technical Summary
Existing malicious file detection models face challenges in analyzing vulnerabilities and optimizing defenses against evolving attack techniques, making it difficult to effectively respond to constantly changing threats.
A method and apparatus for analyzing vulnerabilities in malicious file detection models by determining the model and attack type, generating malicious files, performing attacks, recording results, and visualizing data to generate a report, which includes setting hyperparameters specific to the attack type and recording success/failure metrics.
Enables efficient analysis of vulnerabilities in malicious file detection models, allowing users to enhance their defenses proactively against anticipated attacks through visualization and reporting.
Smart Images

Figure KR2025003999_16072026_PF_FP_ABST
Abstract
Description
Vulnerability analysis method and device for malicious file detection models
[0001] The present disclosure relates to a method and apparatus for analyzing vulnerabilities of a malicious file detection model, and more specifically, to a method and apparatus for analyzing vulnerabilities of a malicious file detection model, visualizing the results, and providing a report.
[0002] The present invention is derived from research conducted as part of the Ministry of Science and ICT's Core Source Technology Development (R&D) for Information Security (Project Unique Number: 2710008252, Project Number: 00398353, Project Management Agency: Korea Institute of Information & Communication Technology Planning & Evaluation, Research Project Title: Development of Generative AI Security Threat Response Technology, Project Executing Agency: Soongsil University Industry-Academic Cooperation Foundation, Research Period: April 1, 2024 – December 31, 2024). Meanwhile, the Korean government, as the provider of the project, has no property interest in any aspect of the present invention.
[0003] With the recent advancement of artificial intelligence technology, various AI-based security technologies are being developed to detect malicious files. For example, malicious file detection models such as Malconv and Nonneg can detect malicious files by taking an arbitrary file as input and classifying it as either a normal or malicious file. Meanwhile, as these models are developed, various attack techniques to bypass them are also being created. However, it is a challenging task to immediately analyze the vulnerabilities of malicious file detection models and optimize them to respond to constantly evolving attacks.
[0004] The present disclosure aims to provide a method for analyzing vulnerabilities in a malicious file detection model to solve the above-mentioned problems, a computer program stored on a computer-readable medium, a computer-readable medium storing the computer program, and a device (system).
[0005] The problems that this disclosure aims to solve are not limited to those described above, and other unmentioned problems will be clearly understood by a person skilled in the art from the description below.
[0006] A method for analyzing vulnerabilities of a malicious file detection model performed by at least one processor according to one embodiment of the present disclosure comprises: determining a malicious file detection model and an attack type to be targeted for vulnerability analysis; setting hyperparameters corresponding to the determined attack type; generating a plurality of malicious files corresponding to the attack type and hyperparameters; performing an attack on the malicious file detection model based on the generated plurality of malicious files; recording result data of the attack on the malicious file detection model; and visualizing the recorded result data to generate a report.
[0007] A step of determining a malicious file detection model and an attack type that are targets of an attack for vulnerability analysis according to one embodiment of the present disclosure includes determining one of an attack type among a tamper-based attack type and a model extraction-based attack type.
[0008] The step of setting hyperparameters corresponding to a determined attack type according to one embodiment of the present disclosure includes, when the attack type is determined to be a modulation-based attack type, setting an attack technique and a modulation rate as hyperparameters.
[0009] The step of setting a hyperparameter corresponding to a determined attack type according to one embodiment of the present disclosure includes, when the attack type is determined to be a model extraction-based attack type, setting the number of epochs for model learning as a hyperparameter.
[0010] The step of recording result data of an attack on a malicious file detection model according to one embodiment of the present disclosure includes recording the number of successful queries, the number of failed queries, the hash value of the malicious file that succeeded in the attack, and an image file as result data.
[0011] The step of generating a report by visualizing recorded result data according to one embodiment of the present disclosure includes the step of generating a report with the date and time of performing vulnerability analysis of the malicious file detection model as the name.
[0012] The step of generating a report by visualizing recorded result data according to one embodiment of the present disclosure includes the step of generating a comment on the stability of a malicious file detection model and the step of generating a report by combining the result data and the generated comment.
[0013] A malicious file detection model according to one embodiment of the present disclosure is a model trained to receive raw data of a PE binary file and classify the PE binary file as a normal file or a malicious file.
[0014] A computer program stored on a computer-readable recording medium is provided to execute the above-described method according to one embodiment of the present disclosure on a computer.
[0015] A computing device according to one embodiment of the present disclosure comprises a communication module, a memory, and at least one processor connected to the memory and configured to execute at least one computer-readable program included in the memory. The at least one program includes instructions for determining a malicious file detection model and an attack type to be targeted for vulnerability analysis, setting hyperparameters corresponding to the determined attack type, generating a plurality of malicious files corresponding to the attack type and hyperparameters, performing an attack on the malicious file detection model based on the generated plurality of malicious files, recording result data of the attack on the malicious file detection model, and generating a report by visualizing the recorded result data.
[0016] In various embodiments of the present disclosure, the computing device can easily analyze vulnerabilities regardless of the type of malicious file detection model, and the user can supplement the malicious file detection model based on the analysis to effectively block anticipated attacks in advance.
[0017] In various embodiments of the present disclosure, the computing device may provide an image file visualized along with a report so that the user can simply check the vulnerability of the malicious file detection model.
[0018] The effects according to the present disclosure are not limited to those described above, and other unmentioned effects will be clearly understood by a person skilled in the art from the description below.
[0019] FIG. 1 is a functional block diagram showing the internal configuration of a computing device according to one embodiment of the present disclosure.
[0020] FIG. 2 is a drawing showing an example of a report according to one embodiment of the present disclosure.
[0021] FIG. 3 is an exemplary drawing showing an image file of result data obtained by an extraction-based attack according to one embodiment of the present disclosure.
[0022] FIG. 4 is a flowchart illustrating an example of a vulnerability analysis method for a malicious file detection model according to one embodiment of the present disclosure.
[0023] FIG. 5 is a block diagram showing the hardware configuration of a computing device according to one embodiment of the present disclosure.
[0024] Hereinafter, exemplary embodiments according to the present invention will be described in detail with reference to the contents described in the attached drawings. However, the present invention is not limited or restricted by exemplary embodiments. Unless otherwise defined, all terms used in this specification (including technical and scientific terms) shall be used in a meaning that is commonly understood by those skilled in the art to which this disclosure belongs, but this may vary depending on the intent of those skilled in the art, case law, the emergence of new technology, etc.
[0025] Furthermore, terms defined in commonly used dictionaries are not to be interpreted ideally or excessively unless explicitly and specifically defined otherwise. In certain cases, terms have been selected at the applicant's discretion, and in such cases, their meanings will be described in detail in the relevant explanatory sections. Accordingly, terms used in this disclosure should be defined not merely by their names, but based on their meanings and the content throughout this disclosure.
[0026] Throughout this specification, when a part is described as "comprising" a certain component, this means that, unless specifically stated otherwise, it does not exclude other components but may include additional components. Furthermore, the singular form used in this specification includes the plural form unless specifically stated otherwise. Additionally, the expression "at least one of a, b, and / or c" as used throughout this specification may encompass 'a alone', 'b alone', 'c alone', 'a and b', 'a and c', 'b and c', or 'a, b, and c all'.
[0027] Meanwhile, terms such as "first and / or second" used in this specification may be used to describe various components, but they are used solely for the purpose of distinguishing one component from another and are not intended to limit the scope to the components referred to by such terms. For example, without departing from the scope of the present invention, the first component may be named the second component, and the second component may also be named the first component.
[0028] Additionally, terms such as “…part,” “…module,” etc., as described in this specification refer to a unit that processes at least one function or operation, which may be implemented in hardware or software, or a combination of hardware and software. Furthermore, embodiments of this disclosure may be represented in this specification by functional block configurations and various processing steps. These functional blocks may be implemented by various numbers of hardware and / or software configurations that execute specific functions. For example, embodiments of this disclosure may employ integrated circuit configurations such as memory, processing, logic, look-up tables, etc., which can execute various functions under the control of one or more microprocessors or other control devices.
[0029] In an embodiment according to the present disclosure, functions related to artificial intelligence may be implemented through a processor and memory. In this case, the processor may be any one of a general-purpose processor such as a CPU (Center Processing Unit), AP (Application Processor), DSP (Digital Signal Processor), a graphics-dedicated processor such as a GPU (Graphic Processing Unit) or VPU (Vision Processing Unit), and an artificial intelligence-dedicated processor such as an NPU (Neural Network Processing Unit). The processor may process input data according to predefined operation rules or artificial intelligence models stored in memory. Alternatively, if the processor is an artificial intelligence-dedicated processor, the artificial intelligence-dedicated processor may be designed with a hardware structure specialized for processing a specific artificial intelligence model. In some embodiments according to the present disclosure, functions related to artificial intelligence may be implemented through a plurality of processors.
[0030] In an embodiment according to the present disclosure, a predefined operation rule or artificial intelligence model may be configured to perform machine learning. Here, being configured to perform machine learning means that the predefined operation rule or artificial intelligence model is configured to perform a desired characteristic (or objective) by learning using a plurality of training data based on a learning algorithm. Such learning may be performed on the device itself in which the artificial intelligence according to the present disclosure is implemented, or it may be performed through a separate server and / or system.
[0031] Artificial intelligence models can be implemented as neural networks (or artificial neural networks) and can operate based on statistical learning algorithms that mimic biological neurons in machine learning and cognitive science. A neural network can refer to a model in which artificial neurons (nodes), which form a network through synaptic connections, change the strength of synaptic connections through learning to possess problem-solving capabilities. A neural network can be composed of multiple neural network layers; for example, a neural network may include an input layer, a hidden layer, and an output layer. Each of the multiple neural network layers may include at least one node and at least one weight, and neural network operations can be performed through operations between the results of previous (precious) layers and the weights. At least one weight possessed by the multiple neural network layers may be optimized based on the learning results of the artificial intelligence model. For example, at least one weight may be updated so that the loss value or cost value obtained from the artificial intelligence model during the learning process is reduced or minimized. Neural networks can infer a result to be predicted from an arbitrary input.
[0032] The learning methods of artificial intelligence models can be classified according to the learning approach into supervised learning, where input and output data are provided as training data and the correct answer (output data) corresponding to the problem (input data) is predetermined; unsupervised learning, where only input data is provided without output data and the correct answer (output data) corresponding to the problem (input data) is not predetermined; and reinforcement learning, where a reward is granted whenever an action is taken from the current state and learning proceeds in a direction that maximizes this reward. Alternatively, they can be classified according to the architecture, which is the structure of the learning model.
[0033] In the embodiments of the present disclosure, the artificial intelligence model is a Convolutional Neural Network (CNN) such as GoogleNet, AlexNet, VGG Network, Region with Convolutional Neural Network (R-CNN), Region Proposal Network (RPN), Recurrent Neural Network (RNN), Stacking-based Deep Neural Network (S-DNN), State-Space Dynamic Neural Network (S-SDNN), Deconvolution Network, Deep Belief Network (DBN), Restructured Boltzmann Machine (RBM), Fully Convolutional Network, Long Short-Term Memory Network (LSTM), Classification Network, Generative Modeling, eXplainable AI, Continual AI, Representation Learning, AI for Material Design, BERT, SP-BERT, MRC / QA for Natural Language Processing, Text Analysis, Dialog System, GPT-3, GPT-4, Visual Analytics, Visual Understanding, Video Synthesis for Vision Processing, Anomaly Detection, Prediction, Time-Series Forecasting, Optimization, Recommendation for ResNet Data Intelligence, At least one of various artificial intelligence structures and algorithms, such as data creation, may be used. The examples described above are merely examples of artificial intelligence structures and algorithms used according to the embodiments of the present disclosure and do not limit the artificial intelligence structures and algorithms used according to the embodiments of the present disclosure.
[0034] In the present disclosure, "malicious file" may refer to a file containing malicious programs or malicious code designed to cause harm to a computer or network or to disable security to steal information, such as viruses, worms, Trojan horses, or spyware. Additionally, "malicious file detection model" may refer to an artificial intelligence model trained to receive any file as input and classify the file as a normal file or a malicious file.
[0035] Hereinafter, various embodiments of the present disclosure will be described in detail with reference to the accompanying drawings. In describing the embodiments, technical details that are well known in the art to which the present invention pertains and are not directly related to the present invention will be omitted. This is to ensure that the essence of the present invention is conveyed more clearly without obscuring it by omitting unnecessary explanations. For the same reason, some components in the accompanying drawings may be exaggerated, omitted, or schematically depicted. Furthermore, the size of each component does not entirely reflect its actual size. Throughout this specification, the same reference numerals may refer to the same or corresponding components.
[0036] FIG. 1 is a functional block diagram showing the internal configuration of a computing device (100) according to one embodiment of the present disclosure. According to one embodiment, the computing device (100) may refer to any device for analyzing vulnerabilities of a malicious file detection model (106), which is an artificial intelligence model trained to detect and classify malicious files, and for visualizing and generating and / or outputting the analysis results. As illustrated, the computing device (100) may include a user input unit (102), a dataset (104), a malicious file detection model (106), a logger (108), an output unit (110), etc.
[0037] According to one embodiment, the computing device (100) can generate malicious files according to the type of attack and directly attack a target model, i.e., a malicious file detection model (106), with the generated malicious files to observe and analyze the results. To this end, the computing device (100) can determine or set the malicious file detection model (106) to be attacked, the type of attack, and hyperparameters including detailed information of the attack.
[0038] According to one embodiment, the user input unit (102) can receive information regarding the target model, attack type, hyperparameters, etc. from the user. For example, the user can input information regarding the target model, attack type, hyperparameters, etc. through the input device of the computing device (100) and / or the input device of the user terminal, and the user input unit (102) can receive the information input by the user in this manner.
[0039] According to one embodiment, hyperparameters may be determined differently depending on the type of attack. For example, the user input unit (102) may first receive information regarding the target model and the type of attack from the user, and based thereon, determine the malicious file detection model (106) and the type of attack that are the target of the attack for vulnerability analysis. Then, the user input unit (102) may receive information regarding hyperparameters corresponding to the type of attack, and based on the received information, set hyperparameters for creating a malicious file.
[0040] According to one embodiment, the attack type may include a deception-based attack type and a model extraction-based attack type. Here, the deception-based attack type is an attack method that bypasses a malicious file detection model (106) and may be operated by editing and adding arbitrary data to the padding space of a file (e.g., a PE binary file). Additionally, the model extraction-based attack type may refer to an attack method that duplicates an original model to generate an extraction model similar to the original model.
[0041] According to one embodiment, the modulation-based attack type may include attack techniques such as section injection, full DOS, and genetic algorithm. For example, section injection can be performed by injecting a vector obtained by optimizing a gradient into a section at the end of the binary file. Additionally, full DOS can be performed by editing the 58 bytes following the magic number MZ to apply a binary mask and updating the gradient thereon. Additionally, the genetic algorithm can be performed by calculating a byte sequence that minimizes the loss function using a gamma function and adding it as noise to the bottom of the PE binary file.
[0042] According to one embodiment, a model extraction-based attack type can operate by assuming a thief dataset is a Dike dataset labeled with malicious files and benign files, and by sending the malicious files and benign files of the Dike dataset as a query to learn the result labeling and probability of a malicious file detection model (106) to generate an extraction model.
[0043] According to one embodiment, when the attack type is determined to be a modulation-based attack type, the user input unit (102) can receive and set the attack technique and modulation rate as hyperparameters. That is, when the user selects the attack type as a modulation-based attack type, the user can select at least one of the attack techniques such as section injection, full DOS, and genetic algorithms, and set the hyperparameters by inputting the modulation rate. Additionally or alternatively, when the attack type is determined to be a model extraction-based attack type, the user input unit (102) can receive and set the test dataset for model training, the number of epochs, etc., as hyperparameters.
[0044] When a target model, attack type, and hyperparameters are determined or set, the computing device (100) may generate a plurality of malicious files corresponding to the determined attack type and hyperparameters. The plurality of malicious files thus generated may be stored in a dataset (104) for attacking a malicious file detection model (106). Then, the computing device (100) may perform an attack on the malicious file detection model (106) using the malicious files and / or normal files stored in the dataset (104) and analyze the classification results.
[0045] According to one embodiment, the logger (108) may record and store result data of each attack while an attack is being performed on the malicious file detection model (106). For example, the logger (108) may record and store result data such as the type of attack performed, the number of successful queries of the attack, the number of failed queries, the success rate representing the ratio of the number of successful queries to the total number of queries, the hash value of the malicious file that succeeded in the attack, and image files. In this case, the hash value may be used to verify detailed information of the malicious file that succeeded in the attack.
[0046] When all attacks on the malicious file detection model (106) are completed, the output unit (110) can generate a report by visualizing the result data recorded by the logger (108). In this case, the output unit (110) can generate a comment on the stability of the malicious file detection model and generate a report by combining the result data and the generated comment. Here, the report is an analysis report provided to allow the user to verify the vulnerability of the target model, and the date and time of the vulnerability analysis of the malicious file detection model (106) can be used as the name to classify the experiment date.
[0047] In FIG. 1, each functional component included in the computing device (100) is described separately, but this is only to aid in understanding the invention, and one computing device may perform two or more functions. With such a configuration, the computing device (100) can easily analyze vulnerabilities regardless of the type of malicious file detection model (106), and the user can supplement the malicious file detection model (106) based on the analyzed content to effectively block anticipated attacks in advance.
[0048] FIG. 2 is a drawing illustrating an example of a report (200) according to an embodiment of the present disclosure. As illustrated, the report (200) may include text, etc., visualizing the vulnerability analysis results of a malicious file detection model. As illustrated, the report (200) may include a name, a target model, an attack type, an attack method, the results of the attack execution, and comments (opinion and visualization) regarding stability.
[0049] In the illustrated example, the report (200) may have a name such as " / home / AttackNNs / vds-logs / 20-May-2024_04_20_37's Report:". As such, the name of the report (200) may include the date and time when vulnerability analysis of the malicious file detection model was performed. Additionally, the report (200) may include the name of the target model ("Target Model : malconv"), the attack type ("Attack Type : model_extraction"), the attack method ("Attack Method : extraction"), etc. as configuration information for the attack for vulnerability analysis. Here, the attack method associated with the report (200) is an extraction-based attack method and may have the number of epochs ("epochs : 20") as a hyperparameter.
[0050] According to one embodiment, as a result of performing an attack, the reproducibility may be determined to be 99.30%. In an extraction-based attack method, a high reproducibility indicates that there is a high degree of similarity between the original model and the extracted model, and thus the vulnerability of the model may be determined to be high.
[0051] According to one embodiment, the report (200) may include a comment regarding the stability of the malicious file detection model ("Model isn't secure in model_extraction. Need to be fixed."). For example, when an extraction-based attack method is performed, the computing device may determine whether the recall rate is above a predetermined threshold (e.g., 80%) and, if the recall rate is above the threshold, generate a comment stating that the malicious file detection model is not stable. In another example, when a tamper-based attack method is performed, the computing device may generate a comment stating that the malicious file detection model is not stable if the success rate, which represents the ratio of the number of successful attack queries to the total number of attack queries, is above a threshold.
[0052] FIG. 3 is an exemplary drawing showing an image file (300) of result data from an extraction-based attack according to an embodiment of the present disclosure. The illustrated example may show classification results for malicious files of the target model and the extracted model after extracting the target model. In the image file (300), blue points may represent the true detection results of the target model, and green points may represent the true detection results of the extracted model. Additionally, in the image file (300), red points may represent false detection results of the target model, and orange points may represent false detection results of the extracted model.
[0053] In this way, the more similar the true and false positive results of the target model and the extraction model are formed, the more vulnerable the target model may be to extraction-based attacks. A computing device (100 in FIG. 1) can provide these image files (300) visualized along with a report so that a user can simply check the vulnerability of the malicious file detection model.
[0054] FIG. 4 is a flowchart illustrating an example of a vulnerability analysis method (400) of a malicious file detection model according to an embodiment of the present disclosure. The vulnerability analysis method (400) of a malicious file detection model may be performed by a processor (e.g., at least one processor of a computing device). The vulnerability analysis method (400) of a malicious file detection model may be initiated by the processor determining a malicious file detection model and an attack type that are targets of an attack for vulnerability analysis (S410). For example, the processor may determine one of a tamper-based attack type and a model extraction-based attack type.
[0055] The processor can set hyperparameters corresponding to the determined attack type (S420). For example, if the attack type is determined to be a modulation-based attack type, the processor can set the attack technique and modulation rate as hyperparameters. Additionally, if the attack type is determined to be a model extraction-based attack type, the processor can set the number of epochs for model training as hyperparameters.
[0056] The processor can generate multiple malicious files corresponding to attack types and hyperparameters (S430). Additionally, the processor can perform an attack on a malicious file detection model based on the generated multiple malicious files (S440). Here, the malicious file detection model may include a model trained to receive raw data of a PE binary file and classify the PE binary file as a normal file or a malicious file.
[0057] The processor can record result data of an attack on a malicious file detection model (S450). For example, the processor can record the number of successful queries, the number of failed queries, the hash value of the malicious file that succeeded in the attack, and image files as result data. Then, the processor can generate a report by visualizing the recorded result data (S460). For example, the processor can generate a report with the date and time of performing the vulnerability analysis of the malicious file detection model as the name. Additionally, the processor can generate comments regarding the stability of the malicious file detection model and generate a report by combining the result data with the generated comments.
[0058] FIG. 5 is a block diagram showing the hardware configuration of a computing device (100) according to one embodiment of the present disclosure. The computing device (100) may include a memory (510), a processor (520), a communication module (530), and an input / output interface (540), and as shown in FIG. 5, the computing device (100) may be configured to communicate information and / or data through a network using the communication module (530).
[0059] The memory (510) may include any non-transient computer-readable recording medium. According to one embodiment, the memory (510) may include a permanent mass storage device such as random access memory (RAM), read-only memory (ROM), disk drive, solid state drive (SSD), flash memory, etc. As another example, a permanent mass storage device such as ROM, SSD, flash memory, disk drive, etc. may be included in the computing device (100) as a separate permanent storage device distinct from the memory. Additionally, an operating system and at least one program code may be stored in the memory (510).
[0060] These software components may be loaded from a computer-readable recording medium separate from the memory (510). This separate computer-readable recording medium may include a recording medium that can be directly connected to the computing device (100), for example, a computer-readable recording medium such as a floppy drive, disk, tape, DVD / CD-ROM drive, or memory card. As another example, the software components may be loaded into the memory (510) via a communication module (530) rather than a computer-readable recording medium. For example, at least one program may be loaded into the memory (510) based on a computer program installed by files provided through the communication module (530) by developers or a file distribution system that distributes installation files for the application.
[0061] The processor (520) may be configured to process instructions of a computer program by performing basic arithmetic, logic, and input / output operations. Instructions may be provided to another user terminal (not shown) or another external system by memory (510) or a communication module (530).
[0062] The communication module (530) may provide a configuration or function for a user terminal (not shown) and a computing device (100) to communicate with each other via a network, and may provide a configuration or function for the computing device (100) to communicate with an external system (e.g., a separate cloud system). For example, control signals, commands, data, etc. provided under the control of the processor (520) of the computing device (100) may be transmitted to the user terminal and / or the external system through the communication module (530) and the network, and through the communication module of the user terminal and / or the external system.
[0063] Additionally, the input / output interface (540) of the computing device (100) may be a means for interfacing with a device (not shown) for input or output that is connected to the computing device (100) or that the computing device (100) may include. In FIG. 5, the input / output interface (540) is shown as an element configured separately from the processor (520), but is not limited thereto, and the input / output interface (540) may be configured to be included in the processor (520). The computing device (100) may include more components than those shown in FIG. 5. However, there is no need to clearly illustrate most of the prior art components.
[0064] The processor (520) of the computing device (100) may be configured to manage, process, and / or store information and / or data received from a plurality of user terminals and / or a plurality of external systems.
[0065] The methods and / or various embodiments described above may be realized in digital electronic circuits, computer hardware, firmware, software, and / or combinations thereof. Various embodiments of the present disclosure may be executed by a data processing device, for example, one or more programmable processors and / or one or more computing devices, or may be implemented as a computer program stored on a computer-readable recording medium and / or a computer program stored on a computer-readable recording medium. The computer program described above may be written in any form of programming language, including a compiled language or an interpreted language, and may be distributed in any form, such as a standalone program, a module, a subroutine, etc. The computer program may be distributed through a single computing device, a plurality of computing devices connected through the same network, and / or a plurality of computing devices distributed to be connected through a plurality of different networks.
[0066] The above-described methods and / or various embodiments may be performed by one or more processors configured to execute one or more computer programs that process, store, and / or manage any functions, functions, etc., by operating based on input data or generating output data. For example, the methods and / or various embodiments of the present disclosure may be performed by special-purpose logic circuits such as a Field Programmable Gate Array (FPGA) or an Application Specific Integrated Circuit (ASIC), and an apparatus and / or system for performing the methods and / or embodiments of the present disclosure may be implemented as a special-purpose logic circuit such as an FPGA or an ASIC.
[0067] One or more processors executing a computer program may include one or more processors of a general-purpose or special-purpose microprocessor and / or any type of digital computing device. The processor may receive instructions and / or data from each of read-only memory and random access memory, or receive instructions and / or data from read-only memory and random access memory. In the present invention, components of a computing device performing the methods and / or embodiments may include one or more processors for executing instructions and one or more memory devices for storing instructions and / or data.
[0068] According to one embodiment, a computing device may exchange data with one or more mass storage devices for storing data. For example, the computing device may receive data from a magnetic disc or an optical disc and / or receive data from a magnetic disc or an optical disc, and transfer data to a magnetic disc or an optical disc. A computer-readable storage medium suitable for storing instructions and / or data associated with a computer program may include, but is not limited to, any form of non-volatile memory including semiconductor memory devices such as EPROM (Erasable Programmable Read-Only Memory), EEPROM (Electrically Erasable PROM), and flash memory devices. For example, a computer-readable storage medium may include magnetic discs such as internal hard disks or removable disks, optical magnetic discs, CD-ROMs, and DVD-ROMs.
[0069] To provide interaction with a user, the computing device may include, but is not limited to, a display device for providing or displaying information to the user (e.g., CRT (Cathode Ray Tube), LCD (Liquid Crystal Display), etc.) and a pointing device (e.g., keyboard, mouse, trackball, etc.) on which the user can provide input and / or commands, etc. on the computing device. That is, the computing device may further include any other type of device for providing interaction with the user. For example, the computing device may provide any form of sensory feedback to the user for interaction with the user, including visual feedback, auditory feedback and / or tactile feedback. In this regard, the user may provide input to the computing device through various gestures such as visual, vocal, and motion.
[0070] In the present invention, various embodiments may be implemented in a computing system comprising backend components (e.g., data servers), middleware components (e.g., application servers), and / or frontend components. In this case, the components may be interconnected by any form or medium of digital data communication, such as a communication network. For example, the communication network may include a Local Area Network (LAN), a Wide Area Network (WAN), etc.
[0071] A computing device based on the exemplary embodiments described herein may be implemented using hardware and / or software configured to interact with a user, including a user device, a user interface (UI) device, a user terminal, or a client device. For example, the computing device may include a portable computing device such as a laptop computer. Additionally or alternatively, the computing device may include, but is not limited to, Personal Digital Assistants (PDAs), tablet PCs, game consoles, wearable devices, Internet of Things (IoT) devices, Virtual Reality (VR) devices, Augmented Reality (AR) devices, etc. The computing device may further include other types of devices configured to interact with a user. Additionally, the computing device may include a portable communication device suitable for wireless communication over a network such as a mobile communication network (e.g., a mobile phone, a smartphone, a wireless cellular phone, etc.). A computing device may be configured to communicate wirelessly with a network server using wireless communication technologies and / or protocols such as radio frequency (RF), microwave frequency (MWF) and / or infrared frequency (IRF).
[0072] Various embodiments of the present invention, including specific structural and functional details, are exemplary. Accordingly, the embodiments of the present disclosure are not limited to those described above and may be implemented in various other forms. Furthermore, the terms used in the present invention are intended to describe some embodiments and are not to be interpreted as limiting the embodiments. For example, singular words and the above may be interpreted to include plural forms unless the context clearly indicates otherwise.
[0073] In this invention, unless otherwise defined, all terms used herein, including technical or scientific terms, have the same meaning as generally understood by those skilled in the art to which such concepts belong. Furthermore, commonly used terms, such as those defined in advance, should be interpreted as having a meaning consistent with their meaning in the context of the relevant technology.
[0074] Although the present invention has been described in relation to some embodiments, various modifications and changes may be made without departing from the scope of the present disclosure as understood by a person skilled in the art to which the invention of the present disclosure pertains. Furthermore, such modifications and changes should be considered to fall within the scope of the claims appended to this specification.
Claims
1. A vulnerability analysis method for a malicious file detection model performed by at least one processor, Step of determining the malicious file detection model and attack type targeted for vulnerability analysis; A step of setting a hyperparameter corresponding to the above-determined attack type; A step of generating a plurality of malicious files corresponding to the above attack type and the above hyperparameters; A step of performing an attack on the malicious file detection model based on the plurality of malicious files generated above; A step of recording result data of an attack on the above malicious file detection model; and A step of generating a report by visualizing the above-mentioned recorded result data; A vulnerability analysis method for a malicious file detection model including 2. In Paragraph 1, The step of determining the malicious file detection model and attack type targeted for the above vulnerability analysis is, A step of determining one of the attack types, either a deception-based attack type or a model extraction-based attack type; A vulnerability analysis method for a malicious file detection model including 3. In Paragraph 2, The step of setting hyperparameters corresponding to the above-determined attack type is: If the above attack type is determined to be a modulation-based attack type, the step of setting the attack technique and modulation rate as the above hyperparameters; A vulnerability analysis method for a malicious file detection model including 4. In Paragraph 2, The step of setting hyperparameters corresponding to the above-determined attack type is: If the above attack type is determined to be a model extraction-based attack type, a step of setting the number of epochs for model training as the above hyperparameter; A vulnerability analysis method for a malicious file detection model including 5. In Paragraph 1, The step of recording result data of an attack on the above-mentioned malicious file detection model is, A step of recording the number of successful queries, the number of failed queries, the hash value of the malicious file that succeeded in the attack, and the image file as the result data for the above malicious file detection model; A vulnerability analysis method for a malicious file detection model including 6. In Paragraph 1, The step of generating a report by visualizing the above-mentioned recorded result data is, A step of generating the above report, with the date and time of performing the vulnerability analysis of the above malicious file detection model as the name; A vulnerability analysis method for a malicious file detection model including 7. In Paragraph 1, The step of generating a report by visualizing the above-mentioned recorded result data is, A step of generating a comment on the stability of the above malicious file detection model; and A step of generating the report by combining the above result data and the above generated comments; A vulnerability analysis method for a malicious file detection model including 8. In Paragraph 1, The above malicious file detection model is, A method for analyzing vulnerabilities of a malicious file detection model, wherein the model is trained to receive raw data of a PE binary file and classify the PE binary file as a normal file or a malicious file.
9. A computer-readable, non-transient recording medium having a program recorded thereon for executing the vulnerability analysis method of the malicious file detection model described in paragraph 1.
10. As a computing device, Communication module; Memory; and At least one processor connected to the memory and configured to execute at least one computer-readable program contained in the memory; Includes, The above at least one program is, Determine malicious file detection models and attack types targeted for vulnerability analysis, and Set hyperparameters corresponding to the above-determined attack type, and Generates a plurality of malicious files corresponding to the above attack type and the above hyperparameters, and Based on the plurality of malicious files generated above, an attack is performed on the malicious file detection model, and Recording result data of an attack on the above malicious file detection model, and A computing device comprising commands for generating a report by visualizing the above-mentioned recorded result data.