Evading Deep Learning-Based Malware Detectors via Obfuscation: A Deep Reinforcement Learning Approach

Cited by: 0
Authors
Etter, Brian [1]
Hu, James Lee [1]
Ebrahimi, Mohammadreza [2]
Li, Weifeng [3]
Li, Xin [4]
Chen, Hsinchun [1]
Affiliations
[1] Univ Arizona, Dept Management Informat Syst, Tucson, AZ 85721 USA
[2] Univ S Florida, Sch Informat Syst & Management, Tampa, FL USA
[3] Univ Georgia, Dept Management Informat Syst, Athens, GA USA
[4] Univ Arizona, Dept Comp Sci, Tucson, AZ USA
Source
23RD IEEE INTERNATIONAL CONFERENCE ON DATA MINING, ICDM 2023 | 2023
Funding
National Science Foundation (USA);
Keywords
Adversarial Robustness; Reinforcement Learning; Adversarial Malware Variants; Adversarial Malware Generation; Obfuscation;
DOI
10.1109/ICDM58522.2023.00019
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Adversarial Malware Generation (AMG), the generation of adversarial malware variants to strengthen Deep Learning (DL)-based malware detectors, has emerged as a crucial tool in the development of proactive cyberdefense. However, the majority of extant works offer subtle perturbations or additions to executable files and do not explore full-file obfuscation. In this study, we show that an open-source encryption tool coupled with a Reinforcement Learning (RL) framework can successfully obfuscate malware to evade state-of-the-art malware detection engines and outperform techniques that use advanced modification methods. Our results show that the proposed method improves the evasion rate from 27%-49% compared to widely used state-of-the-art reinforcement learning-based methods.
Pages: 101-109
Number of pages: 9