Evading Deep Learning-Based Malware Detectors via Obfuscation: A Deep Reinforcement Learning Approach

Brian Etter, James Lee Hu, Mohammadreza Ebrahimi, Weifeng Li, Xin Li, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

Adversarial Malware Generation (AMG), the generation of adversarial malware variants to strengthen Deep Learning (DL)-based malware detectors, has emerged as a crucial tool in the development of proactive cyberdefense. However, the majority of extant works offer subtle perturbations or additions to executable files and do not explore full-file obfuscation. In this study, we show that an open-source encryption tool coupled with a Reinforcement Learning (RL) framework can successfully obfuscate malware to evade state-of-the-art malware detection engines and outperform techniques that use advanced modification methods. Our results show that the proposed method improves the evasion rate from 27%-49% compared to widely-used state-of-the-art reinforcement learning-based methods.

Original language: English (US)
Title of host publication: Proceedings - 23rd IEEE International Conference on Data Mining Workshops, ICDMW 2023
Editors: Jihe Wang, Yi He, Thang N. Dinh, Christan Grant, Meikang Qiu, Witold Pedrycz
Publisher: IEEE Computer Society
Pages: 1313-1321
Number of pages: 9
ISBN (Electronic): 9798350381641
State: Published - 2023
Event: 23rd IEEE International Conference on Data Mining Workshops, ICDMW 2023 - Shanghai, China
Duration: Dec 1 2023 - Dec 4 2023

Publication series

Name: IEEE International Conference on Data Mining Workshops, ICDMW
ISSN (Print): 2375-9232
ISSN (Electronic): 2375-9259

Conference

Conference: 23rd IEEE International Conference on Data Mining Workshops, ICDMW 2023
Country/Territory: China
City: Shanghai
Period: 12/1/23 - 12/4/23

Keywords

  • Adversarial Malware Generation
  • Adversarial Malware Variants
  • Adversarial Robustness
  • Obfuscation
  • Reinforcement Learning

ASJC Scopus subject areas

  • Computer Science Applications
  • Software
