Analyzing Threat Level of the Backdoor Attack Method for an Organization’s Operation

Authors

  • Muhammad Zafran Syahmi Mohd Nasharuddin, Department of Computer Science, International Islamic University Malaysia, 53100 Kuala Lumpur, Malaysia
  • Adamu Abubakar, Department of Computer Science, International Islamic University Malaysia, 53100 Kuala Lumpur, Malaysia

DOI:

https://doi.org/10.31436/ijpcc.v10i2.484

Keywords:

Cybersecurity, Backdoor attack, Malware, Jitter, Direct payload injection

Abstract

Backdoor attacks played a critical part in the catastrophe, as well as the overall impact of cyberattacks. Backdoor attacks are also influencing the landscape of malware and threats, forcing companies to concentrate more on detecting and establishing vulnerability tactics in order to avoid hostile backdoor threats. Despite advances in cybersecurity systems, backdoor attacks remain a source of concern because of their propensity to remain undetected long after the attack vector has been initiated. This research aims to examine the threats of backdoor attack methods in an organization's operational network, provide a full-scale review, and serve as direction for training and defensive measures. The fundamental inspiration was drawn from the alarming and evolving threat in cybersecurity, which necessitates a better awareness of the level of risk and the concurrent requirement for increased security measures. Most traditional security solutions usually fail to detect harmful backdoors due to the stealthy nature of backdoor code within the system, necessitating a unique approach to full-scale threat analysis. The research follows a multi-phase approach that begins with considerable reading and examination of existing literature to gain insight into typical backdoor attack methodologies and application methods. Following this analysis, testing was carried out in a virtual lab in a controlled environment, because thorough malware analysis testing must adhere to ethical and legal cyber testing laws to avoid any penalties or foolish breaches. This methodology also included testing on numerous attack channels combined with backdoor attacks, such as detecting software vulnerabilities, phishing emails, and direct payload injection, to determine the complexity of the different attack vectors. All of the collected data is used to create a threat model that predicts the amount of risk associated with the backdoor attack approach. The findings contribute to the development of more resilient defence mechanisms, while also strengthening the overall organization's security architecture and protocols.

Published

30-07-2024

How to Cite

Mohd Nasharuddin, M. Z. S., & Abubakar, A. (2024). Analyzing Threat Level of the Backdoor Attack Method for an Organization’s Operation. International Journal on Perceptive and Cognitive Computing, 10(2), 51–59. https://doi.org/10.31436/ijpcc.v10i2.484

Section

Articles
