Search Results for author: Lorenzo Cavallaro

Found 21 papers, 5 papers with code

Learning Temporal Invariance in Android Malware Detectors

no code implementations7 Feb 2025 Xinran Zheng, Shuo Yang, Edith C. H. Ngai, Suman Jana, Lorenzo Cavallaro

Learning-based Android malware detectors degrade over time due to natural distribution drift caused by malware variants and new families.

Contrastive Learning Learning Theory +1

Defending against Adversarial Malware Attacks on ML-based Android Malware Detection Systems

no code implementations23 Jan 2025 Ping He, Lorenzo Cavallaro, Shouling Ji

In this paper, we address this gap by proposing ADD, a practical adversarial Android malware defense framework designed as a plug-in to enhance the adversarial robustness of the ML-based AMD systems against problem space attacks.

Adversarial Robustness Android Malware Detection +1

On the Effectiveness of Adversarial Training on Malware Classifiers

no code implementations24 Dec 2024 Hamid Bostani, Jacopo Cortellazzi, Daniel Arp, Fabio Pierazzi, Veelasha Moonsamy, Lorenzo Cavallaro

In this context, the robustness that AT achieves has often been assessed against unrealistic or weak adversarial attacks, which negatively affect performance on clean data and are arguably no longer threats.

On the Lack of Robustness of Binary Function Similarity Systems

no code implementations5 Dec 2024 Gianluca Capozzi, Tong Tang, Jie Wan, Ziqi Yang, Daniele Cono D'Elia, Giuseppe Antonio Di Luna, Lorenzo Cavallaro, Leonardo Querzoni

Binary function similarity, which often relies on learning-based algorithms to identify what functions in a pool are most similar to a given query function, is a sought-after topic in different communities, including machine learning, software engineering, and security.

Malware Analysis Vulnerability Detection

Context is the Key: Backdoor Attacks for In-Context Learning with Vision Transformers

no code implementations6 Sep 2024 Gorka Abad, Stjepan Picek, Lorenzo Cavallaro, Aitor Urbieta

Then, through data poisoning, we investigate two new threats: i) task-specific backdoors where the attacker chooses a target task to attack, and only the selected task is compromised at test time under the presence of the trigger.

Data Poisoning In-Context Learning

How to Train your Antivirus: RL-based Hardening through the Problem-Space

1 code implementation29 Feb 2024 Ilias Tsingenopoulos, Jacopo Cortellazzi, Branislav Bošanský, Simone Aonzo, Davy Preuveneers, Wouter Joosen, Fabio Pierazzi, Lorenzo Cavallaro

It also makes possible to provide theoretical guarantees on the robustness of the model against a particular set of adversarial capabilities.

Malware Detection

DFIL: Deepfake Incremental Learning by Exploiting Domain-invariant Forgery Clues

1 code implementation18 Sep 2023 Kun Pan, Yin Yifang, Yao Wei, Feng Lin, Zhongjie Ba, Zhenguang Liu, Zhibo Wang, Lorenzo Cavallaro, Kui Ren

However, the accuracy of detection models degrades significantly on images generated by new deepfake methods due to the difference in data distribution.

Continual Learning Contrastive Learning +5

Exploiting Code Symmetries for Learning Program Semantics

no code implementations7 Aug 2023 Kexin Pei, Weichen Li, Qirui Jin, Shuyang Liu, Scott Geng, Lorenzo Cavallaro, Junfeng Yang, Suman Jana

This paper tackles the challenge of teaching code semantics to Large Language Models (LLMs) for program analysis by incorporating code symmetries into the model architecture.

Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifiers

no code implementations11 Feb 2022 Limin Yang, Zhi Chen, Jacopo Cortellazzi, Feargus Pendlebury, Kevin Tu, Fabio Pierazzi, Lorenzo Cavallaro, Gang Wang

Empirically, we show that existing backdoor attacks in malware classifiers are still detectable by recent defenses such as MNTD.

Backdoor Attack

Realizable Universal Adversarial Perturbations for Malware

no code implementations12 Feb 2021 Raphael Labaca-Castro, Luis Muñoz-González, Feargus Pendlebury, Gabi Dreo Rodosek, Fabio Pierazzi, Lorenzo Cavallaro

Universal Adversarial Perturbations (UAPs), which identify noisy patterns that generalize across the input space, allow the attacker to greatly scale up the generation of such examples.

Malware Classification

Identifying Authorship Style in Malicious Binaries: Techniques, Challenges & Datasets

no code implementations15 Jan 2021 Jason Gray, Daniele Sgandurra, Lorenzo Cavallaro

Attributing a piece of malware to its creator typically requires threat intelligence.

Cryptography and Security

ROPfuscator: Robust Obfuscation with ROP

no code implementations16 Dec 2020 Fukutomo Nakanishi, Giulio De Pasquale, Daniele Ferla, Lorenzo Cavallaro

Software obfuscation plays a crucial role in protecting intellectual property in software from reverse engineering attempts.

Cryptography and Security Software Engineering

Dos and Don'ts of Machine Learning in Computer Security

no code implementations19 Oct 2020 Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, Konrad Rieck

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas.

BIG-bench Machine Learning Computer Security +1

Catch Me (On Time) If You Can: Understanding the Effectiveness of Twitter URL Blacklists

2 code implementations5 Dec 2019 Simon Bell, Kenny Paterson, Lorenzo Cavallaro

In addition, an equally large number of URLs contained within public tweets remain in GSB for at least 150 days, raising questions about potential false positives in the blacklist.

Cryptography and Security

Intriguing Properties of Adversarial ML Attacks in the Problem Space [Extended Version]

no code implementations5 Nov 2019 Jacopo Cortellazzi, Feargus Pendlebury, Daniel Arp, Erwin Quiring, Fabio Pierazzi, Lorenzo Cavallaro

Secondly, building on our general formalization, we propose a novel problem-space attack on Android malware that overcomes past limitations in terms of semantics and artifacts.

BabelView: Evaluating the Impact of Code Injection Attacks in Mobile Webviews

2 code implementations17 Sep 2017 Claudio Rizzo, Lorenzo Cavallaro, Johannes Kinder

A Webview embeds a full-fledged browser in a mobile application and allows the application to expose a custom interface to JavaScript code.

Cryptography and Security Software Engineering

Cannot find the paper you are looking for? You can Submit a new open access paper.