{"title":"一种基于进化的生成对抗网络启发方法来击败变形恶意软件","authors":"Kehinde O. Babaagba, Jordan Wylie","doi":"10.1145/3583133.3596362","DOIUrl":null,"url":null,"abstract":"Defeating dangerous families of malware like polymorphic and metamorphic malware have become well studied due to their increased attacks on computer systems and network. Traditional Machine Learning (ML) models have been used in detecting this malware, however they are often not resistant to future attacks. In this paper, an Evolutionary based Generative Adversarial Network (GAN) inspired approach is proposed as a step towards defeating metamorphic malware. This method uses an Evolutionary Algorithm as a generator to create malware that are designed to fool a detector, a deep learning model into classifying them as benign. We employ a personal information stealing malware family (Dougalek) as a testbed, selected based on its malicious payload and evaluate the samples generated based on their adversarial accuracy, measured based on the number of Antivirus (AV) engines they are able to fool and their ability to fool a set of ML detectors (k-Nearest Neighbors algorithm, Support Vector Machine, Decision Trees, and Multi-Layer Perceptron). The results show that the adversarial samples are on average able to fool 63% of the AV engines and the ML detectors are susceptible to the new mutants achieving an accuracy between 60%-77%.","PeriodicalId":422029,"journal":{"name":"Proceedings of the Companion Conference on Genetic and Evolutionary Computation","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An Evolutionary based Generative Adversarial Network Inspired Approach to Defeating Metamorphic Malware\",\"authors\":\"Kehinde O. Babaagba, Jordan Wylie\",\"doi\":\"10.1145/3583133.3596362\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Defeating dangerous families of malware like polymorphic and metamorphic malware have become well studied due to their increased attacks on computer systems and network. Traditional Machine Learning (ML) models have been used in detecting this malware, however they are often not resistant to future attacks. In this paper, an Evolutionary based Generative Adversarial Network (GAN) inspired approach is proposed as a step towards defeating metamorphic malware. This method uses an Evolutionary Algorithm as a generator to create malware that are designed to fool a detector, a deep learning model into classifying them as benign. We employ a personal information stealing malware family (Dougalek) as a testbed, selected based on its malicious payload and evaluate the samples generated based on their adversarial accuracy, measured based on the number of Antivirus (AV) engines they are able to fool and their ability to fool a set of ML detectors (k-Nearest Neighbors algorithm, Support Vector Machine, Decision Trees, and Multi-Layer Perceptron). The results show that the adversarial samples are on average able to fool 63% of the AV engines and the ML detectors are susceptible to the new mutants achieving an accuracy between 60%-77%.\",\"PeriodicalId\":422029,\"journal\":{\"name\":\"Proceedings of the Companion Conference on Genetic and Evolutionary Computation\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Companion Conference on Genetic and Evolutionary Computation\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3583133.3596362\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Companion Conference on Genetic and Evolutionary Computation","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3583133.3596362","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Evolutionary based Generative Adversarial Network Inspired Approach to Defeating Metamorphic Malware
Defeating dangerous families of malware like polymorphic and metamorphic malware have become well studied due to their increased attacks on computer systems and network. Traditional Machine Learning (ML) models have been used in detecting this malware, however they are often not resistant to future attacks. In this paper, an Evolutionary based Generative Adversarial Network (GAN) inspired approach is proposed as a step towards defeating metamorphic malware. This method uses an Evolutionary Algorithm as a generator to create malware that are designed to fool a detector, a deep learning model into classifying them as benign. We employ a personal information stealing malware family (Dougalek) as a testbed, selected based on its malicious payload and evaluate the samples generated based on their adversarial accuracy, measured based on the number of Antivirus (AV) engines they are able to fool and their ability to fool a set of ML detectors (k-Nearest Neighbors algorithm, Support Vector Machine, Decision Trees, and Multi-Layer Perceptron). The results show that the adversarial samples are on average able to fool 63% of the AV engines and the ML detectors are susceptible to the new mutants achieving an accuracy between 60%-77%.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
