TY - GEN
T1 - Evading Deep Learning-Based Malware Detectors via Obfuscation
T2 - 23rd IEEE International Conference on Data Mining Workshops, ICDMW 2023
AU - Etter, Brian
AU - Hu, James Lee
AU - Ebrahimi, Mohammadreza
AU - Li, Weifeng
AU - Li, Xin
AU - Chen, Hsinchun
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Adversarial Malware Generation (AMG), the generation of adversarial malware variants to strengthen Deep Learning (DL)-based malware detectors, has emerged as a crucial tool in the development of proactive cyberdefense. However, the majority of extant works offer subtle perturbations or additions to executable files and do not explore full-file obfuscation. In this study, we show that an open-source encryption tool coupled with a Reinforcement Learning (RL) framework can successfully obfuscate malware to evade state-of-the-art malware detection engines and outperform techniques that use advanced modification methods. Our results show that the proposed method improves the evasion rate from 27%-49% compared to widely-used state-of-the-art reinforcement learning-based methods.
AB - Adversarial Malware Generation (AMG), the generation of adversarial malware variants to strengthen Deep Learning (DL)-based malware detectors, has emerged as a crucial tool in the development of proactive cyberdefense. However, the majority of extant works offer subtle perturbations or additions to executable files and do not explore full-file obfuscation. In this study, we show that an open-source encryption tool coupled with a Reinforcement Learning (RL) framework can successfully obfuscate malware to evade state-of-the-art malware detection engines and outperform techniques that use advanced modification methods. Our results show that the proposed method improves the evasion rate from 27%-49% compared to widely-used state-of-the-art reinforcement learning-based methods.
KW - Adversarial Malware Generation
KW - Adversarial Malware Variants
KW - Adversarial Robustness
KW - Obfuscation
KW - Reinforcement Learning
UR - http://www.scopus.com/inward/record.url?scp=85186142753&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85186142753&partnerID=8YFLogxK
U2 - 10.1109/ICDMW60847.2023.00169
DO - 10.1109/ICDMW60847.2023.00169
M3 - Conference contribution
AN - SCOPUS:85186142753
T3 - IEEE International Conference on Data Mining Workshops, ICDMW
SP - 1313
EP - 1321
BT - Proceedings - 23rd IEEE International Conference on Data Mining Workshops, ICDMW 2023
A2 - Wang, Jihe
A2 - He, Yi
A2 - Dinh, Thang N.
A2 - Grant, Christan
A2 - Qiu, Meikang
A2 - Pedrycz, Witold
PB - IEEE Computer Society
Y2 - 1 December 2023 through 4 December 2023
ER -