url_ver=Z39.88-2004
rft_val_fmt=info:ofi/fmt:kev:mtx:dc
rft.title=Evadiendo detectores de malware basados en redes neuronales (Evading neural-network-based malware detectors)
rft.creator=Yuste Moure, Javier
rft.contributor=García Pardo, Eduardo
rft.subject=Computer Science
rft.description=The recent growth in the number of malicious programs and in their complexity has shown the unsustainability of the reactive position adopted by the industry. In this context, machine learning techniques look promising. Neural network architectures that operate on the bytes of suspicious programs have now been presented. These models are able to learn directly from the samples to be classified, eliminating the need to extract information from the programs beforehand. Among machine learning techniques, those based on Artificial Neural Networks (ANN) have recently proven very useful. However, ANNs are vulnerable to attacks. Although neural networks are trained on the premise that the distribution of the training data is similar to the distribution of the data in the real environment, this assumption is violated when the network faces a motivated attacker who introduces perturbations into the samples (adversarial examples) with the intention of causing the network to make an erroneous inference. In this work, a mechanism is proposed to evaluate the robustness of models that take as input the bytes of the binary to be classified. Through a black-box approach, the proposed method is able to find evasive and fully functional variants by introducing bytes optimized with Genetic Algorithms at different locations in the binary. The proposed model has been evaluated to analyze the robustness of a recently created, state-of-the-art network (MalConv), for which the model is able to find evasive samples in up to 81% of cases. To carry out the experiments, a dataset of 3.035 malicious programs in PE32 format, gathered during 2019, was collected and curated.

Abstract: The growing amount of malicious programs and its increasing complexity have shown the unsustainability of the reactive position adopted by the industry in previous years. Thus, machine learning techniques have been widely adopted, thanks to their high detection rates. In recent years, novel binary classification approaches have been proposed to operate at raw bytes level. These architectures are able to learn from the input samples in a direct way, eliminating the need to obtain information from the given binaries prior to their classification. Artificial Neural Networks (ANN), a machine learning technique, have been shown successful on the problem of detecting malicious programs. However, these methods are vulnerable by nature. The premise of ANN is that the distribution of data in training samples is similar to that of real binaries at test time. Nevertheless, this premise is broken when the ANN is confronted with a motivated adversary. In this work, a general mechanism to evaluate neural nets robustness against adversarial examples is proposed. Being capable of evaluating classifiers based on raw bytes, this approach is model-agnostic. By a black-box approximation, it is able to find evasive samples, while preserving their malicious functionality, by introducing optimized bytes using genetic algorithms at different addresses within the given files. The proposed model is evaluated against a well-known state-of-the-art architecture (MalConv) for which we are able to evade up to 81% of the binaries tested. To perform the experiments, we collected and curated a dataset formed by 3.036 different PE32 malware samples obtained during year 2019.
rft.publisher=E.T.S.I de Sistemas Informáticos (UPM)
rft.rights=https://creativecommons.org/licenses/by-nc-nd/3.0/es/
rft.date=2019-07
rft.type=info:eu-repo/semantics/bachelorThesis
rft.type=Final Project
rft.type=PeerReviewed
rft.format=application/zip
rft.language=spa
rft.format=application/pdf
rft.language=spa
rft.rights=info:eu-repo/semantics/restrictedAccess
rft.identifier=https://oa.upm.es/56441/