Generation of Adversarial Malware Based on Genetic Algorithm and Instruction Replacement
Siyi Pan, Aoxiang Sun, Yingmei Xu, Zhuoqian Liang, Yuxia Sun
Proceedings of the 2023 4th International Conference on Computing, Networks and Internet of Things
Published: 2023-05-26
DOI: 10.1145/3603781.3604217 (https://doi.org/10.1145/3603781.3604217)
Citations: 0
Abstract
As attack and defense in cyberspace security develop, machine-learning-based malware detection models also face the threat of adversarial examples. An important way to defend against such threats is to generate effective adversarial examples and then use them for adversarial training of the model. For end-to-end PE malware detection models, most existing adversarial-example generation techniques insert dead code, but dead code is easily filtered out by preprocessing. A novel adversarial-example generation approach for PE malware, called AGA, is proposed based on a genetic algorithm and equivalent-instruction replacement. Experimental studies show that the AGA approach outperforms the existing generation approach, which is based on a particle-swarm-optimization algorithm, in terms of attack effectiveness and attack-generation efficiency.