μGAN: A mutation-based cost optimal adversarial malware generation approach against evolving Android malware variants

Abstract

Malware detection and evasion constitute a pair of opponents locked in a relentless competitive game—to bypass stringent detection mechanisms, Android malware has evolved a variety of sophisticated evasion techniques, been continuously spawning new malware variants, which poses an ongoing challenge for Android defense systems to efficiently detect these evolving threats. To tackle this problem, adversarial training offers a promising approach to improving the resilience of detection systems against newly emerging malware variants. However, in the setting of Android malware detection, adversarial training still faces a critical challenge—how to craft valid and meaningful adversarial samples. This paper proposes a mutation-based adversarial malware generation approach, which attempts to introduce proper perturbations to the seed samples in order to enable them to successfully evade detection. To seek for such perturbations, we formulate the problem of crafting adversarial malware as a constrained combinatorial optimization problem—adversarial samples should evade detection while consuming minimal crafting efforts. For this problem, we devise a solution strategy, referred to as $\mu$GAN, which combines strengths of the Generative Adversarial Networks and the Simulated Annealing algorithm, to screen the optimal adversarial samples. Furthermore, we retrain an enhanced malware classifier by augmenting the dataset with the generated adversarial malware samples to improve the performance of detection against new malware variants. Extensive experimental evaluation shows that, introducing perturbations into malware can significantly promote the ability of malware to evade security detection; the enhanced malware detector retrained using our approach demonstrates superior performance over other state-of-the-art classifiers.