The Power of MEME: Adversarial Malware Creation with Model-Based Reinforcement Learning

The result's identifiers

  • Result code in IS VaVaI

    RIV/68407700:21230/24:00371216 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F24%3A00371216)

  • Result on the web

    https://doi.org/10.1007/978-3-031-51482-1_3

  • DOI - Digital Object Identifier

    10.1007/978-3-031-51482-1_3 (http://dx.doi.org/10.1007/978-3-031-51482-1_3)

Alternative languages

  • Result language

    English

  • Original language name

    The Power of MEME: Adversarial Malware Creation with Model-Based Reinforcement Learning

  • Original language description

    Due to the proliferation of malware, defenders are increasingly turning to automation and machine learning as part of the malware detection toolchain. However, machine learning models are susceptible to adversarial attacks, requiring the testing of model and product robustness. Meanwhile, attackers also seek to automate malware generation and evasion of antivirus systems, and defenders try to gain insight into their methods. This work proposes a new algorithm that combines Malware Evasion and Model Extraction (MEME) attacks. MEME uses model-based reinforcement learning to adversarially modify Windows executable binary samples while simultaneously training a surrogate model with a high agreement with the target model to evade. To evaluate this method, we compare it with two state-of-the-art attacks in adversarial malware creation, using three well-known published models and one antivirus product as targets. Results show that MEME outperforms the state-of-the-art methods in terms of evasion capabilities in almost all cases, producing evasive malware with an evasion rate in the range of 32–73%. It also produces surrogate models with a prediction label agreement with the respective target models between 97–99%. The surrogate could be used to fine-tune and improve the evasion rate in the future.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformatics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    VJ02010020: AI-Dojo: Multiagent Testbed for Research and Testing of AI-driven Cybersecurity Technologies

  • Continuities

    P - Research and development project financed from public sources (with a link to CEP)

Others

  • Publication year

    2024

  • Confidentiality

    S - Complete and true data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Article name in the collection

    28th European Symposium on Research in Computer Security, The Hague, The Netherlands, September 25–29, 2023, Proceedings, Part I

  • ISBN

    978-3-031-50593-5

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    21

  • Pages from-to

    44-64

  • Publisher name

    Springer Nature Switzerland AG

  • Place of publication

    Basel

  • Event location

    The Hague

  • Event date

    Sep 25, 2023

  • Type of event by nationality

    WRD - Worldwide event

  • UT code for WoS article

    001208360100003