Recent advances in artificial intelligence (AI) are radically changing how systems and applications are designed and developed. In this context, new requirements and regulations emerge, such as the AI Act, placing increasing focus on strict non-functional requirements, such as privacy and robustness, and how they are verified. Certification is considered the most suitable solution for non-functional verification of modern distributed systems, and is increasingly pushed forward in the verification of AI-based applications. In this paper, we present a novel dynamic malware detector driven by the requirements in the AI Act, which goes beyond standard support for high accuracy, and also considers privacy and robustness. Privacy aims to limit the need of malware detectors to examine the entire system in depth requiring administrator-level permissions; robustness refers to the ability to cope with malware mounting evasion attacks to escape detection. We then propose a certification scheme to evaluate non-functional properties of malware detectors, which is used to comparatively evaluate our malware detector and two representative deep-learning solutions in literature.

Bena, N., Anisetti, M., Gianini, G., Ardagna, C. (2024). Certifying Accuracy, Privacy, and Robustness of ML-Based Malware Detection. SN COMPUTER SCIENCE, 5(6) [10.1007/s42979-024-03024-8].

Certifying Accuracy, Privacy, and Robustness of ML-Based Malware Detection

Gianini, Gabriele;
2024

Abstract

Recent advances in artificial intelligence (AI) are radically changing how systems and applications are designed and developed. In this context, new requirements and regulations emerge, such as the AI Act, placing increasing focus on strict non-functional requirements, such as privacy and robustness, and how they are verified. Certification is considered the most suitable solution for non-functional verification of modern distributed systems, and is increasingly pushed forward in the verification of AI-based applications. In this paper, we present a novel dynamic malware detector driven by the requirements in the AI Act, which goes beyond standard support for high accuracy, and also considers privacy and robustness. Privacy aims to limit the need of malware detectors to examine the entire system in depth requiring administrator-level permissions; robustness refers to the ability to cope with malware mounting evasion attacks to escape detection. We then propose a certification scheme to evaluate non-functional properties of malware detectors, which is used to comparatively evaluate our malware detector and two representative deep-learning solutions in literature.
Articolo in rivista - Articolo scientifico
Machine Learning; Malware Detection; Certification; Accuracy; Privacy; Robustness
English
11-lug-2024
2024
5
6
710
open
Bena, N., Anisetti, M., Gianini, G., Ardagna, C. (2024). Certifying Accuracy, Privacy, and Robustness of ML-Based Malware Detection. SN COMPUTER SCIENCE, 5(6) [10.1007/s42979-024-03024-8].
File in questo prodotto:
File Dimensione Formato  
Bena-2024-SNCS-VoR.pdf

accesso aperto

Tipologia di allegato: Publisher’s Version (Version of Record, VoR)
Licenza: Creative Commons
Dimensione 1.42 MB
Formato Adobe PDF
1.42 MB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10281/494739
Citazioni
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
Social impact