research-article

AI-Powered GUI Attack and Its Defensive Methods

Authors:

Zachary Tuttle,

Carl Jake Thurnau,

Emmanuel MirekuAuthors Info & Claims

ACMSE '20: Proceedings of the 2020 ACM Southeast Conference

Pages 79 - 86

https://doi.org/10.1145/3374135.3385270

Published: 25 May 2020 Publication History

Abstract

Since the first Graphical User Interface (GUI) prototype was invented in the 1970s, GUI systems have been deployed into various personal computer systems and server platforms. Recently, with the development of artificial intelligence (AI) technology, malicious malware powered by AI is emerging as a potential threat to GUI systems. This type of AI-based cybersecurity attack, targeting at GUI systems, is explored in this paper. It is twofold: (1) A malware is designed to attack the existing GUI system by using AI-based object recognition techniques. (2) Its defensive methods are discovered by generating adversarial examples and other methods to alleviate the threats from the intelligent GUI attack. The results have shown that a generic GUI attack can be implemented and performed in a simple way based on current AI techniques and its countermeasures are temporary but effective to mitigate the threats of GUI attack so far.

References

[1]

E. Beqiri. 2009. Neural Networks For Intrusion Detection Systems. In International Conference on Global Security, Safety, and Sustainability. Springer, 156--165.

[2]

A. K. Boyat and B. K. Joshi. 2015. A Review Paper: Noise Models in Digital Image Processing. CoRR abs/1505.03489 (2015). arXiv:1505.03489 http://arxiv.org/abs/1505.03489

[3]

N. Carlini and D. A. Wagner. 2016. Defensive Distillation is Not Robust to Adversarial Examples. CoRR abs/1607.04311 (2016). arXiv:1607.04311 http://arxiv.org/abs/1607.04311

[4]

N. Carlini and D. A. Wagner. 2016. Towards Evaluating the Robustness of Neural Networks. CoRR abs/1608.04644 (2016). arXiv:1608.04644 http://arxiv.org/abs/1608.04644

[5]

Q. Ding, Z. Li, S. Haeri, and L. Trajković. 2018. Application Of Machine Learning Techniques To Detecting Anomalies In Communication Networks: Datasets And Feature Selection Algorithms. In Cyber Threat Intelligence. Springer, 47--70.

[6]

M. Du, N. Liu, and X. Hu. 2020. Techniques For Interpretable Machine Learning. Commun. ACM 63, 1 (2020), 68--77. https://doi.org/10.1145/3359786

Digital Library

[7]

I. Goodfellow, P. McDaniel, and N. Papernot. 2018. Making Machine Learning Robust Against Adversarial Inputs. Commun. ACM 61, 7 (June 2018), 56--66. https://doi.org/10.1145/3134599

Digital Library

[8]

G. Karatas and O. K. Sahingoz. 2018. Neural Network Based Intrusion Detection Systems With Different Training Functions. In 2018 6th International Symposium on Digital Forensic and Security (ISDFS). 1--6. https://doi.org/10.1109/ISDFS.2018.8355327

[9]

D. Kirat, J. Jang, and M. P. Stoecklin. 2018. DeepLocker Concealing Targeted Attacks with AI Locksmithing.

[10]

A. Kurakin, I. J. Goodfellow, and S. Bengio. 2016. Adversarial Machine Learning at Scale. CoRR abs/1611.01236 (2016). arXiv:1611.01236

[11]

X. Li, S. Ji, M. Han, J. Ji, Z. Ren, Y. Liu, and C. Wu. 2019. Adversarial Examples versus Cloud-based Detectors: A Black-box Empirical Study. arXiv preprint arXiv:1901.01223 (2019).

[12]

S. Palka and D. McCoy. 2015. Fuzzing E-mail Filters With Generative Grammars And N-gram Analysis. In 9th USENIX Workshop on Offensive Technologies (WOOT 15).

[13]

N. Papernot, P. McDaniel, and I. Goodfellow. 2016. Transferability In Machine Learning: From Phenomena To Black-box Attacks Using Adversarial Samples. arXiv preprint arXiv:1605.07277 (2016).

[14]

N. Papernot, P. D. McDaniel, X. Wu, S. Jha, and A. Swami. 2015. Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks. CoRR abs/1511.04508 (2015). arXiv:1511.04508

[15]

D. Petro and B. Morris. 2017. Weaponizing Machine Learning: Humanity was Overrated Anyway. DEF CON 2017.

[16]

M. Rege and R. B. K Mbah. 2018. Machine Learning For Cyber Defense And Attack. DATA ANALYTICS 2018 (2018), 83.

[17]

A. Rosenfeld, R. Zemel, and J. K Tsotsos. 2018. The Elephant In The Room. arXiv preprint arXiv:1808.03305 (2018).

[18]

A. Shenfield, D. Day, and A. Ayesh. 2018. Intelligent Intrusion Detection Systems Using Artificial Neural Networks. ICT Express 4, 2 (2018), 95 - 99. https: //doi.org/10.1016/j.icte.2018.04.003

[19]

C. Shi, X. Xu, S. Ji, K. Bu, J. Chen, R. A. Beyah, and T. Wang. 2019. Adversarial CAPTCHAs. CoRR abs/1901.01107 (2019). arXiv:1901.01107

[20]

S. N. Shukla, A. K. Sahu, D. Willmott, and J. Z. Kolter. 2019. Black-box Adversarial Attacks with Bayesian Optimization. arXiv preprint arXiv:1909.13857 (2019).

[21]

A. Singh and V. Thaware. 2017. Wire Me Through Machine Learning.

[22]

H. M. Song, J. Woo, and H. K. Kim. 2020. In-vehicle Network Intrusion Detection Using Deep Convolutional Neural Network. Vehicular Communications 21 (2020), 100198. https://doi.org/10.1016/j.vehcom.2019.100198

Digital Library

[23]

K. Uehara, K. Mukaiyama, M. Fujita, H. Nishikawa, T. Yamamoto, K. Kawauchi, and M. Nishigaki. 2020. Basic Study on Targeted E-mail Attack Method Using OSINT. In Advanced Information Networking and Applications, Leonard Barolli, Makoto Takizawa, Fatos Xhafa, and Tomoya Enokido (Eds.). Springer International Publishing, Cham, 1329--1341.

[24]

C. Yin, Y. Zhu, J. Fei, and X. He. 2017. A Deep Learning Approach For Intrusion Detection Using Recurrent Neural Networks. IEEE ACCESS 5 (2017), 21954--21961.

[25]

N. Yu and K. Darling. 2019. A Low-Cost Approach to Crack Python CAPTCHAs Using AI-Based Chosen-Plaintext Attack. Applied Sciences 9, 10 (2019), 2010.

[26]

X. Yuan, P. He, Q. Zhu, R. R. Bhat, and X. Li. 2017. Adversarial Examples: Attacks and Defenses for Deep Learning. CoRR abs/1712.07107 (2017). arXiv:1712.07107

[27]

R. Zhang, X. Chen, J. Lu, S. Wen, S. Nepal, and Y. Xiang. 2018. Using AI to Hack IA: A New Stealthy Spyware Against Voice Assistance Functions in Smart Phones. CoRR abs/1805.06187 (2018). arXiv:1805.06187

Cited By

Kumar SGupta USingh ASingh A(2023)Artificial IntelligenceJournal of Computers, Mechanical and Management10.57159/gadl.jcmm.2.3.230642:3(31-42)Online publication date: 31-Aug-2023
https://doi.org/10.57159/gadl.jcmm.2.3.23064
Gaber MAhmed MJanicke H(2023)Malware Detection with Artificial Intelligence: A Systematic Literature ReviewACM Computing Surveys10.1145/363855256:6(1-33)Online publication date: 28-Dec-2023
https://dl.acm.org/doi/10.1145/3638552
Fritsch LJaber AYazidi A(2023)An Overview of Artificial Intelligence Used in MalwareNordic Artificial Intelligence Research and Development10.1007/978-3-031-17030-0_4(41-51)Online publication date: 2-Feb-2023
https://doi.org/10.1007/978-3-031-17030-0_4
Show More Cited By

Recommendations

Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain

In recent years, machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security. However, machine learning systems are vulnerable to adversarial attacks, and this limits the ...
Adversarial examples: A survey of attacks and defenses in deep learning-enabled cybersecurity systems
Abstract
Over the last few years, the adoption of machine learning in a wide range of domains has been remarkable. Deep learning, in particular, has been extensively used to drive applications and services in specializations such as computer vision, ...
Highlights
- A taxonomy of cybersecurity applications is established.
- Adversarial machine learning is systematically overviewed.
- An extensive, curated list of cybersecurity-related datasets is provided.
- Methods for generating adversarial ...
Feature-Indistinguishable Attack to Circumvent Trapdoor-Enabled Defense
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

Deep neural networks (DNNs) are vulnerable to adversarial attacks. A great effort has been directed to developing effective defenses against adversarial attacks and finding vulnerabilities of proposed defenses. A recently proposed defense called ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ACMSE '20: Proceedings of the 2020 ACM Southeast Conference

April 2020

337 pages

ISBN:9781450371056

DOI:10.1145/3374135

Conference Chair:
Morris Chang,
Program Chair:
Dan Lo,
Publications Chair:
Eric Gamess

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ACM: Association for Computing Machinery

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 May 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ACM SE '20

Sponsor:

ACM

ACM SE '20: 2020 ACM Southeast Conference

April 2 - 4, 2020

FL, Tampa, USA

Acceptance Rates

Overall Acceptance Rate 502 of 1,023 submissions, 49%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
272
Total Downloads

Downloads (Last 12 months)48
Downloads (Last 6 weeks)4

Reflects downloads up to 18 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Kumar SGupta USingh ASingh A(2023)Artificial IntelligenceJournal of Computers, Mechanical and Management10.57159/gadl.jcmm.2.3.230642:3(31-42)Online publication date: 31-Aug-2023
https://doi.org/10.57159/gadl.jcmm.2.3.23064
Gaber MAhmed MJanicke H(2023)Malware Detection with Artificial Intelligence: A Systematic Literature ReviewACM Computing Surveys10.1145/363855256:6(1-33)Online publication date: 28-Dec-2023
https://dl.acm.org/doi/10.1145/3638552
Fritsch LJaber AYazidi A(2023)An Overview of Artificial Intelligence Used in MalwareNordic Artificial Intelligence Research and Development10.1007/978-3-031-17030-0_4(41-51)Online publication date: 2-Feb-2023
https://doi.org/10.1007/978-3-031-17030-0_4
Terneva ZVladimirov INikolova D(2021)Accessing LinkedIn and Google E-mail Databases Using Kali Linux and TheHarvester2021 56th International Scientific Conference on Information, Communication and Energy Systems and Technologies (ICEST)10.1109/ICEST52640.2021.9483460(59-62)Online publication date: 16-Jun-2021
https://doi.org/10.1109/ICEST52640.2021.9483460

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten