A comparison of adversarial malware generators
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21240%2F24%3A00374598" target="_blank" >RIV/68407700:21240/24:00374598 - isvavai.cz</a>
Result on the web
<a href="https://doi.org/10.1007/s11416-024-00519-z" target="_blank" >https://doi.org/10.1007/s11416-024-00519-z</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/s11416-024-00519-z" target="_blank" >10.1007/s11416-024-00519-z</a>
Alternative languages
Result language
angličtina
Original language name
A comparison of adversarial malware generators
Original language description
Machine learning has proven to be a valuable tool for automated malware detection, but machine learning systems have also been shown to be subject to adversarial attacks. This paper summarizes and compares related work on generating adversarial malware samples, specifically malicious Windows Portable Executable files. In contrast with previous research, we not only compare generators of adversarial malware examples theoretically, but we also provide an experimental comparison and evaluation for practical usability. We use gradient-based, evolutionary-based, and reinforcement-based approaches to create adversarial samples, which we test against selected antivirus products. The results show that applying optimized modifications to previously detected malware can lead to incorrect classification of the file as benign. Moreover, generated malicious samples can be effectively employed against detection models other than those used to produce them, and combinations of methods can construct new instances that avoid detection. Based on our findings, the Gym-malware generator, which uses reinforcement learning, has the greatest practical potential. This generator has the fastest average sample production time of 5.73 s and the highest average evasion rate of 44.11%. Using the Gym-malware generator in combination with itself further improved the evasion rate to 58.35%. However, other tested methods scored significantly lower in our experiments than reported in the original publications, highlighting the importance of a standardized evaluation environment.
Czech name
—
Czech description
—
Classification
Type
J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/EF16_019%2F0000765" target="_blank" >EF16_019/0000765: Research Center for Informatics</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach
Others
Publication year
2024
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Journal of Computer Virology and Hacking Techniques
ISSN
2263-8733
e-ISSN
—
Volume of the periodical
20
Issue of the periodical within the volume
4
Country of publishing house
FR - FRANCE
Number of pages
17
Pages from-to
623-639
UT code for WoS article
001197701800001
EID of the result in the Scopus database
2-s2.0-85189454316