József Sándor
PhD student
jozsef.sandor (at) crysys.hu
web: sandorjozsef.github.io
office: I.E. 429
tel: +36 1 463 2063
Current courses | Publications
Short Bio
József Sándor was born in 2000 in Székelyudvarhely, Romania. He earned both his B.Sc. and M.Sc. degrees in Computer Engineering from the Budapest University of Technology and Economics (BME). During his studies, he actively participated in research conducted at the Laboratory of Cryptography and System Security (CrySyS Lab) under the supervision of Dr. Levente Buttyán. His research focuses on IoT security, particularly in the area of IoT malware detection.
Current Courses
Coding and IT Security (VIHIBB01)
This BProf course gives an overview of the different areas of IT security with the aim of increasing the security awareness of computer science students and shaping their attitude towards designing and using secure computing systems. The course also gives an introduction to source software security and channel coding.
Publications
2023
Increasing the Robustness of a Machine Learning-based IoT Malware Detection Method with Adversarial Training
J. Sandor and R. Nagy and L. Buttyán
WiseML'23: Proceedings of the 2023 ACM Workshop on Wireless Security and Machine Learning, 2023.
Bibtex | Abstract | PDF | Link
@inproceedings {
author = {Jozsef Sandor and Roland Nagy and Levente Buttyán},
title = {Increasing the Robustness of a Machine Learning-based IoT Malware Detection Method with Adversarial Training},
booktitle = {WiseML'23: Proceedings of the 2023 ACM Workshop on Wireless Security and Machine Learning},
year = {2023},
howpublished = "\url{https://dl.acm.org/doi/10.1145/3586209.3591401}"
}
Keywords
Internet-of-Things; malware detection; machine learning; adversarial examples; adversarial trainingAbstract
We study the robustness of SIMBIoTA-ML, a recently proposed machine learning-based IoT malware detection solution against adversarial samples. First, we propose two adversarial sample creation strategies that modify existing malware binaries by appending extra bytes to them such that those extra bytes are never executed, but they make the modified samples dissimilar to the original ones. We show that SIMBIoTA-ML is robust against the first strategy, but it can be misled by the second one. To overcome this problem, we propose to use adversarial training, i.e., to extend the training set of SIMBIoTA-ML with samples that are crafted by using the adversarial evasion strategies. We measure the detection accuracy of SIMBIoTA-ML trained on such an extended training set and show that it remains high both for the original malware samples and for the adversarial samples.PATRIoTA: A Similarity-based IoT Malware Detection Method Robust Against Adversarial Samples
J. Sandor and R. Nagy and L. Buttyán
IEEE International Conference on Edge Computing and Communications (EDGE), 2023.
Bibtex | Abstract | PDF | Link
@inproceedings {
author = {Jozsef Sandor and Roland Nagy and Levente Buttyán},
title = {PATRIoTA: A Similarity-based IoT Malware Detection Method Robust Against Adversarial Samples},
booktitle = {IEEE International Conference on Edge Computing and Communications (EDGE)},
year = {2023},
howpublished = "\url{https://ieeexplore.ieee.org/document/10234259}"
}