This work implement three defense strategies, adversarial training, randomized smoothing, and L1 regularization, against JS adversarial examples with Bag of words model.
Please follow this guide to utilize the code.
STEP 1: Download naive and malicious Javascript from any database (e.g. from https://github.com/HynekPetrak/javascript-malware-collection)
STEP 2: Make two folder, good_script and mal_script, to save those JS data, respectively.
$mkdir good_script
$mkdir mal_scriptSTEP 3: (Preprocessing) Generate RAW data by
$python3 RAWgenerator.pySTEP 4: (Preprocessing) Generate Bag of words data by
$python3 BOWgenerator.pySTEP 5: Train the basic model by
$python3 BASICtrain.pySTEP 6: Select a good model from ./Model/ folder. You can select it based on the plot of training result, which would be generated during training.
STEP 7: Make a folder name "Adv_example" and generate the adversarial examples by
$mkdir Adv_example
$python3 ADVgenerator.py -M model_pathSTEP 8: Train the models with adversarial training by
$python3 ADVtrain.pySTEP 9: Train the models with L1 regularization by
$python3 L1train.pySTEP 10: Train the models with randomized smoothing by
$python3 GAUtrain.pySTEP 11: Finally, attack each model with all the adversarial examples generated perviously to demonstrate how robust the models trained by different strategies are.
$python3 MUTUALattak.pySTEP 12: You can inspect all the results by the plot automatically generated during mutually attacking.