www.crowdstrike.com
Open in
urlscan Pro
2606:4700::6810:f3e7
Public Scan
URL:
https://www.crowdstrike.com/blog/how-crowdstrike-boosts-machine-learning-efficacy-against-adversarial-samples/?utm_source=re...
Submission Tags: falconsandbox
Submission: On August 23 via api from US — Scanned from DE
Submission Tags: falconsandbox
Submission: On August 23 via api from US — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
*
*
*
*
*
*
BLOG
* Featured
* Adversaries Can “Log In with Microsoft” through the nOAuth Azure Active
Directory Vulnerability
Jul 14, 2023
* Welcome to the Adversary Universe Podcast: Unmasking the Threat Actors
Targeting Your Organization
Jul 13, 2023
* CrowdStrike Expands XDR Ecosystem to Give Customers a Data Advantage
Jul 13, 2023
* July 2023 Patch Tuesday: Six Actively Exploited Zero-Days and Nine Critical
Vulnerabilities Identified
Jul 11, 2023
* Recent
* Adversaries Can “Log In with Microsoft” through the nOAuth Azure Active
Directory Vulnerability
Jul 14, 2023
* Welcome to the Adversary Universe Podcast: Unmasking the Threat Actors
Targeting Your Organization
Jul 13, 2023
* CrowdStrike Expands XDR Ecosystem to Give Customers a Data Advantage
Jul 13, 2023
* July 2023 Patch Tuesday: Six Actively Exploited Zero-Days and Nine Critical
Vulnerabilities Identified
Jul 11, 2023
* Videos
* Video Highlights the 4 Key Steps to Successful Incident Response
Dec 02, 2019
* Mac Attacks Along the Kill Chain: Credential Theft [VIDEO]
Apr 19, 2019
* Mac Attacks Along the Kill Chain: Part 2 — Privilege Escalation [VIDEO]
Apr 12, 2019
* Mac Attacks Along the Kill Chain: Part 1 — Delivery Using URL Schemes
Apr 02, 2019
* Categories
* Endpoint & Cloud Security
Endpoint & Cloud Security
Welcome to the Adversary Universe Podcast: Unmasking the Threat Actors
Targeting Your Organization
07/13/2023
CrowdStrike Expands XDR Ecosystem to Give Customers a Data Advantage
07/13/2023
July 2023 Patch Tuesday: Six Actively Exploited Zero-Days and Nine Critical
Vulnerabilities Identified
07/11/2023
Why Customers Are Consolidating Cybersecurity with CrowdStrike
07/10/2023
* Engineering & Tech
Engineering & Tech
How CrowdStrike Uses Similarity-Based Mapping to Understand Cybersecurity
Data and Prevent Breaches
06/28/2023
Cracking the Code of AI Decision Making: Harnessing the Power of SHAP
Values
06/13/2023
CrowdStrike’s Artificial Intelligence Tooling Uses Similarity Search to
Analyze Script-Based Malware Attack Techniques
03/23/2023
CrowdStrike’s Free TensorFlow-to-Rust Conversion Tool Enables Data
Scientists to Run Machine Learning Models as Pure Safe Code
03/02/2023
* Executive Viewpoint
Executive Viewpoint
CrowdStrike Named a Leader with “Exceptional” MDR Service: 2023 Forrester
Wave for MDR
05/18/2023
CrowdStrike and Dell: Making Cybersecurity Fast and Frictionless
03/23/2023
Three Times a Leader: CrowdStrike Named a Leader in Gartner® Magic
Quadrant™ for Endpoint Protection Platforms
03/02/2023
CrowdStrike 2023 Global Threat Report: Resilient Businesses Fight
Relentless Adversaries
02/28/2023
* From The Front Lines
From The Front Lines
Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt
Typhoon) Tradecraft
06/22/2023
Discovering the MOVEit Vulnerability with the CrowdStrike Falcon Platform
06/21/2023
Adversaries Go Hands-On in Japan: Know the Threat and Know the Solution
06/12/2023
Movin’ Out: Identifying Data Exfiltration in MOVEit Transfer Investigations
06/05/2023
* Identity Protection
Identity Protection
Adversaries Can “Log In with Microsoft” through the nOAuth Azure Active
Directory Vulnerability
07/14/2023
Relentless Threat Activity Puts Identities in the Crosshairs
05/01/2023
CrowdStrike Extends Identity Security Innovations to Protect Customers and
Stop Breaches
03/20/2023
Attackers Set Sights on Active Directory: Understanding Your Identity
Exposure
12/14/2022
* Observability & Log Management
Observability & Log Management
How to Augment or Replace Your SIEM with the CrowdStrike Falcon Platform
07/11/2023
Top 5 SIEM Use Cases CrowdStrike Falcon LogScale Solves Today
06/23/2023
Introducing CrowdStream: Simplifying XDR Adoption and Solving Security’s
Data Challenge
04/21/2023
Make Compliance a Breeze with Modern Log Management
02/07/2023
* People & Culture
People & Culture
Supporting Our Heroes: SkillBridge Program Connects Veterans with
CrowdStrike Internships
06/06/2023
VP of Legal Jeanne Miller-Romero on Women’s History Month and Being a Woman
in Leadership
03/22/2023
What International Women’s Day Means to Women of CrowdStrike
03/07/2023
What Martin Luther King Jr. Day Means to Leaders of CrowdStrike’s Black
Employee Resource Group
01/13/2023
* Remote Workplace
Remote Workplace
CrowdStrike Changes Designation of Principal Executive Office to Austin,
Texas
12/28/2021
CrowdStrike and EY Join Forces to Boost Organizational Resiliency
05/24/2021
Go Beyond the Perimeter: Frictionless Zero Trust With CrowdStrike and
Zscaler
03/29/2021
Flexible Policy Management for Remote Systems
07/08/2020
* Research & Threat Intel
Research & Threat Intel
Making Sense of the Dark Web with Falcon Intelligence Recon+
06/09/2023
Hypervisor Jackpotting, Part 3: Lack of Antivirus Support Opens the Door to
Adversary Attacks
05/15/2023
CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign
Targeting 3CXDesktopApp Customers
03/29/2023
QakBot eCrime Campaign Leverages Microsoft OneNote Attachments
03/17/2023
* Tech Center
Tech Center
How to Complete Your LogScale Observability Strategy with Grafana
05/15/2023
Securing private applications with CrowdStrike Zero Trust Assessment and
AWS Verified Access
04/18/2023
How to Manage USB Devices
03/22/2023
How to Speed Investigations with Falcon Forensics
03/10/2023
* Start Free Trial
* Endpoint & Cloud Security
Endpoint & Cloud Security
Welcome to the Adversary Universe Podcast: Unmasking the Threat Actors
Targeting Your Organization
07/13/2023
CrowdStrike Expands XDR Ecosystem to Give Customers a Data Advantage
07/13/2023
July 2023 Patch Tuesday: Six Actively Exploited Zero-Days and Nine Critical
Vulnerabilities Identified
07/11/2023
Why Customers Are Consolidating Cybersecurity with CrowdStrike
07/10/2023
* Engineering & Tech
Engineering & Tech
How CrowdStrike Uses Similarity-Based Mapping to Understand Cybersecurity
Data and Prevent Breaches
06/28/2023
Cracking the Code of AI Decision Making: Harnessing the Power of SHAP
Values
06/13/2023
CrowdStrike’s Artificial Intelligence Tooling Uses Similarity Search to
Analyze Script-Based Malware Attack Techniques
03/23/2023
CrowdStrike’s Free TensorFlow-to-Rust Conversion Tool Enables Data
Scientists to Run Machine Learning Models as Pure Safe Code
03/02/2023
* Executive Viewpoint
Executive Viewpoint
CrowdStrike Named a Leader with “Exceptional” MDR Service: 2023 Forrester
Wave for MDR
05/18/2023
CrowdStrike and Dell: Making Cybersecurity Fast and Frictionless
03/23/2023
Three Times a Leader: CrowdStrike Named a Leader in Gartner® Magic
Quadrant™ for Endpoint Protection Platforms
03/02/2023
CrowdStrike 2023 Global Threat Report: Resilient Businesses Fight
Relentless Adversaries
02/28/2023
* From The Front Lines
From The Front Lines
Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt
Typhoon) Tradecraft
06/22/2023
Discovering the MOVEit Vulnerability with the CrowdStrike Falcon Platform
06/21/2023
Adversaries Go Hands-On in Japan: Know the Threat and Know the Solution
06/12/2023
Movin’ Out: Identifying Data Exfiltration in MOVEit Transfer Investigations
06/05/2023
* Identity Protection
Identity Protection
Adversaries Can “Log In with Microsoft” through the nOAuth Azure Active
Directory Vulnerability
07/14/2023
Relentless Threat Activity Puts Identities in the Crosshairs
05/01/2023
CrowdStrike Extends Identity Security Innovations to Protect Customers and
Stop Breaches
03/20/2023
Attackers Set Sights on Active Directory: Understanding Your Identity
Exposure
12/14/2022
* Observability & Log Management
Observability & Log Management
How to Augment or Replace Your SIEM with the CrowdStrike Falcon Platform
07/11/2023
Top 5 SIEM Use Cases CrowdStrike Falcon LogScale Solves Today
06/23/2023
Introducing CrowdStream: Simplifying XDR Adoption and Solving Security’s
Data Challenge
04/21/2023
Make Compliance a Breeze with Modern Log Management
02/07/2023
* People & Culture
People & Culture
Supporting Our Heroes: SkillBridge Program Connects Veterans with
CrowdStrike Internships
06/06/2023
VP of Legal Jeanne Miller-Romero on Women’s History Month and Being a Woman
in Leadership
03/22/2023
What International Women’s Day Means to Women of CrowdStrike
03/07/2023
What Martin Luther King Jr. Day Means to Leaders of CrowdStrike’s Black
Employee Resource Group
01/13/2023
* Remote Workplace
Remote Workplace
CrowdStrike Changes Designation of Principal Executive Office to Austin,
Texas
12/28/2021
CrowdStrike and EY Join Forces to Boost Organizational Resiliency
05/24/2021
Go Beyond the Perimeter: Frictionless Zero Trust With CrowdStrike and
Zscaler
03/29/2021
Flexible Policy Management for Remote Systems
07/08/2020
* Research & Threat Intel
Research & Threat Intel
Making Sense of the Dark Web with Falcon Intelligence Recon+
06/09/2023
Hypervisor Jackpotting, Part 3: Lack of Antivirus Support Opens the Door to
Adversary Attacks
05/15/2023
CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign
Targeting 3CXDesktopApp Customers
03/29/2023
QakBot eCrime Campaign Leverages Microsoft OneNote Attachments
03/17/2023
* Tech Center
Tech Center
How to Complete Your LogScale Observability Strategy with Grafana
05/15/2023
Securing private applications with CrowdStrike Zero Trust Assessment and
AWS Verified Access
04/18/2023
How to Manage USB Devices
03/22/2023
How to Speed Investigations with Falcon Forensics
03/10/2023
* Featured
* Recent
* Videos
* Categories
* Start Free Trial
LEVERAGING THE DARK SIDE: HOW CROWDSTRIKE BOOSTS MACHINE LEARNING EFFICACY
AGAINST ADVERSARIES
May 9, 2023
Denis Rozimovschii Endpoint & Cloud Security
* Adversarial machine learning (ML) attacks can compromise a ML model’s
effectiveness and ability to detect malware through strategies such as using
static ML evasion to modify known malware variants
* CrowdStrike improves detection capabilities by red teaming our own ML malware
classifiers using automated tools that generate new adversarial samples
* CrowdStrike’s Adversarial Pipeline can automatically generate millions of
unique adversarial samples based on a series of generators with configurable
attacks
* Using new, out-of-sample adversarial samples in ML model training data has
shown a 19% increase in retention of malware samples at high confidence
levels
The power of the CrowdStrike Falcon® platform lies in its ability to detect and
protect customers from new and unknown threats by leveraging the power of the
cloud and expertly built machine learning (ML) models.
In real-world conditions and in independent third-party evaluations, Falcon’s
on-sensor and cloud ML capabilities consistently achieve excellent results
across Windows, Linux and macOS platforms. This is especially impressive given
ML uses no signatures, enabling the Falcon platform to identify malicious intent
based solely on file attributes. The results reflect the effectiveness of
CrowdStrike’s multilevel ML approach, which incorporates not only file analysis
but also behavioral analysis and indicators of attack (IOAs).
However, ML is not infallible. It is susceptible to adversarial attacks from
humans and from other ML algorithms. Examples of the latter include introducing
compromised data during the training process or subtly modifying existing
malware versions.
CrowdStrike’s Adversarial Pipeline is a tool that combats one of the most
commonly used adversarial ML tactics: static ML evasion. Our research team can
use this pipeline to generate a large volume of new and unique adversarial
samples using a series of generators with configurable attacks to simulate new
and modified versions of known malware. These samples are used to train our ML
models to significantly increase their efficacy in detecting cyberattacks that
employ static ML evasion.
The industry-leading CrowdStrike Falcon platform sets the new standard in
cybersecurity. Watch this demo to see the Falcon platform in action.
THE GROWING THREAT OF ADVERSARIAL ML ATTACKS
As recently as five years ago, adversarial ML attacks were relatively rare, but
by 2020, the threat had increased to the point that MITRE released its ATLAS
(Adversarial Threat Landscape for Artificial-Intelligence Systems) Threat
Matrix.
Adversarial ML, or adversarial attacks, involve a broad set of methods to trick
ML into providing unexpected or wrong outputs. Some examples are:
1. Forcing a classifier to say a picture of a panda is a gibbon by making
targeted mathematical modifications to the panda image
2. Appending some text extracted from a clean Windows executable to a detected
malicious file to fool a classifier into thinking it’s clean
3. Breaching and sneaking into the internal network of a company and inserting
a few million pictures of traffic lights that are labeled as “duck” into the
image database
Attacks can be executed from multiple stages of the model’s development life
cycle. Data can be weaponized during training by injecting incorrectly labeled
data into the training set, as MITRE states, or during classification by
crafting data that would exploit the model (and any others subsequently trained
using that corpus). Existing malware can be modified to evade detection by ML
models scanning for specific signatures. Not surprisingly, these methods can be
chained, combined and merged to increase the effectiveness of the attack. The
result of a successful adversarial ML attack is malware that is able to
stealthily evade a trained and production-ready ML model.
It’s no wonder the subject of adversarial attacks has gained so much interest
across the field of ML, including malware detection, object recognition,
autonomous driving, medical systems and other applications. Researchers across
the ML spectrum have been working to improve model robustness and detect
adversarial attacks based on malicious input.
In security terms, fully undetectable malware is malicious software never before
seen in the wild. It therefore cannot be detected by antivirus software that
relies on a database of known virus definitions or signatures. Modifying samples
of existing malware to achieve fully undetectable malware or to avoid a
designated antivirus detection (static or ML-enabled) is one of the oldest
tricks in the book used by red teams and attackers.
Small, targeted changes in the analyzed sample can lead to drastically different
results in detection efficacy. Static, rule-based detections are also
susceptible to this type of attack, which has been successfully applied in the
wild by Emotet and other sophisticated threat actors.
A research paper published in March 2022 outlines the challenge in combating
this form of adversarial malware:
“The traditional approach — based on analysis of static signatures of the
malware binary (e.g., hashes) — is increasingly rendered ineffective by
polymorphism and the widespread availability of program obfuscation tools. Using
such tools, malware creators can quickly generate thousands of binary variants
of functionally identical samples, effectively circumventing signature-based
approaches.”
CrowdStrike has stringent processes for protecting our corpus against
adversarial ML attacks. Our threat researchers also employ advanced techniques
to defend against them. Next, we explore CrowdStrike’s Adversarial Pipeline
tool, one method we use to continually enhance detection coverage.
WILL THE REAL ADVERSARIAL GENERATORS PLEASE STAND UP?
CrowdStrike improves the detection capabilities of its ML models by essentially
red teaming our own classifiers. While dynamic adversarial emulation and other
standard methods to exploit ML are employed as part of red teaming, the
CrowdStrike Adversarial Pipeline stands out as a unique and highly advanced
approach. Designed to be automated and extensible, it allows us to rapidly
integrate different attacks described by our own threat research team, or by
outside open source researchers (the open source community is booming with
methods to evade ML models).
Figure 1. Framework for hardening models against adversarial attacks (click to
enlarge)
The CrowdStrike Adversarial Pipeline’s architecture consists of different
“generators” for the supported file formats with a configurable list of attacks.
For example, generators could add to the malware sample an entire megabyte of
random English words or sections of clean code without impacting its
functionality. These generators work in parallel to provide a flexible tool for
generating adversarial samples that can fit into the classifier. The Adversarial
Pipeline can support fast generation of millions of unique samples, making it an
extremely powerful tool. And, to improve the robustness or stability of ML
classifiers, the generated samples are actually executable binaries that can be
executed on the Falcon sensor. In contrast, other mathematical methods use
perturbation techniques that render sterile adversarial samples.
Figure 2. Examples of adversarial attack generators for various file types
(click to enlarge)
THE BRIGHT SIDE
The situation may seem grim and stacked against protectors, but the good news is
that it’s possible to strengthen each stage of ML model development against
adversarial attacks. CrowdStrike threat researchers employ multiple tactics,
such as cleaning the corpus, deduplication, adding adversarial samples in the
training data and improving feature extraction capabilities.
In addition, because they recognize that static ML is only one layer of defense,
CrowdStrike threat researchers use ML on behaviors, IOAs and AI-powered IOAs to
provide additional protection layers that in unison are difficult to circumvent.
This comprehensive approach to protection is why the CrowdStrike Falcon platform
continues to lead the industry, including winning the first-ever SE Labs AAA
Advanced Security (Ransomware) Award, achieving 100% ransomware prevention with
zero false positives.
See for yourself how the industry-leading CrowdStrike Falcon platform protects
against modern threats. Start your 15-day free trial today.
THE VALUE OF GENERATING ADVERSARIAL SAMPLES
Inclusion of new, out-of-sample adversarial samples in ML model training data
has shown an increase of 19% in retention of malware samples at high confidence
levels. It does so while showing little deviation from the original sample
decision value, thus limiting the impact of the attack itself.
In a subset of data selected to closely mirror characteristics of real-world
samples, an experimental detection true positive rate (TPR) of 80% was increased
over the course of several steps to 90% at a fixed false positive rate (FPR)
through the progressive addition of more adversarial samples in the model
training process. This performance improvement was observed not only at a single
FPR but across a wide range. A representation of the results is shown in Figure
3.
Figure 3. True positive rate (TPR) performance improvement through the
progressive addition of more adversarial samples in the model training process
(click to enlarge)
A MINDSET FOR CONTINUOUS RESEARCH
This research highlights the value of the CrowdStrike Adversarial Pipeline’s
ability to generate variations of “new” adversarial samples for enhancing the
detection coverage and efficacy of CrowdStrike’s ML models. Using this tool in
the model training process ensures that our models continuously increase their
effectiveness against adversarial attacks that employ the fully undetectable
malware ML strategy.
CrowdStrike researchers constantly explore theoretical and applied ML research
to advance and improve detection and efficacy capabilities of our ML models,
setting the industry standard in protecting customers from sophisticated threats
and adversaries to stop breaches.
ADDITIONAL RESOURCES
* Read about how machine learning is used in cybersecurity.
* Learn more about the CrowdStrike Falcon platform by visiting the product
webpage.
* Test CrowdStrike next-gen AV for yourself. Start your free trial of
CrowdStrike Falcon® Prevent next-gen antivirus today.
* Tweet
* Share
RELATED CONTENT
WELCOME TO THE ADVERSARY UNIVERSE PODCAST: UNMASKING THE THREAT ACTORS TARGETING
YOUR ORGANIZATION
HOW CROWDSTRIKE USES SIMILARITY-BASED MAPPING TO UNDERSTAND CYBERSECURITY DATA
AND PREVENT BREACHES
BEHIND THE CURTAIN: FALCON OVERWATCH HUNTING LEADS EXPLAINED
Categories
* Counter Adversary Operations
164
* Endpoint & Cloud Security
393
* Engineering & Tech
73
* Executive Viewpoint
143
* From The Front Lines
190
* Identity Protection
29
* Observability & Log Management
73
* Remote Workplace
20
* Tech Center
149
CONNECT WITH US
FEATURED ARTICLES
Three Ways to Enhance Your Cloud Security with External Attack Surface
Management
August 21, 2023
Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete:
The Case of CVE-2023-36874
August 10, 2023
August 2023 Patch Tuesday: Two Actively Exploited Zero-Days and Six Critical
Vulnerabilities Addressed
August 9, 2023
CrowdStrike Debuts Counter Adversary Operations Team to Fight Faster and Smarter
Adversaries as Identity-Focused Attacks Skyrocket
August 8, 2023
SUBSCRIBE
Sign up now to receive the latest notifications and updates from CrowdStrike.
Sign Up
SEE CROWDSTRIKE FALCON® IN ACTION
Detect, prevent, and respond to attacks— even malware-free intrusions—at any
stage, with next-generation endpoint protection.
See Demo
CrowdStrike Expands Falcon Data Replicator Capabilities to Boost SOC Performance
May 2023 Patch Tuesday: Three Zero-Days and Six Critical Vulnerabilities
Identified
TRY CROWDSTRIKE FREE FOR 15 DAYS
GET STARTED WITH A FREE TRIAL
X
*
*
*
*
* Copyright © 2023 CrowdStrike
* Privacy
* Request Info
* Blog
* Contact Us
* 1.888.512.8906
x
ABOUT COOKIES ON THIS SITE
By clicking “Accept All Cookies”, you agree to the storing of cookies on your
device to enhance site navigation, analyze site usage, and assist in our
marketing efforts. Cookie Notice
Cookie Settings Reject All Accept All Cookies
COOKIE PREFERENCE CENTER
* YOUR PRIVACY
* STRICTLY NECESSARY COOKIES
* FUNCTIONAL COOKIES
* PERFORMANCE COOKIES
* TARGETING COOKIES
YOUR PRIVACY
When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information.
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. This includes diagnostic functions such as identifying 404
errors and monitoring page load speed. They are usually only set in response to
actions made by you which amount to a request for services, such as setting your
privacy preferences, logging in or filling in forms. You can set your browser to
block or alert you about these cookies, but some parts of the site will not then
work. These cookies do not store any personally identifiable information.
Cookies Details
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then some
or all of these services may not function properly.
Cookies Details
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collet is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
Cookies Details
TARGETING COOKIES
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
Cookies Details
Back Button
BACK
Filter Button
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
* View Third Party Cookies
* Name
cookie name
Clear
checkbox label label
Apply Cancel
Confirm My Choices
Allow All