English

Adversarial Deep Learning for Robust Detection of Binary Encoded Malware

Cryptography and Security 2018-03-28 v3 Machine Learning Machine Learning

Abstract

Malware is constantly adapting in order to avoid detection. Model based malware detectors, such as SVM and neural networks, are vulnerable to so-called adversarial examples which are modest changes to detectable malware that allows the resulting malware to evade detection. Continuous-valued methods that are robust to adversarial examples of images have been developed using saddle-point optimization formulations. We are inspired by them to develop similar methods for the discrete, e.g. binary, domain which characterizes the features of malware. A specific extra challenge of malware is that the adversarial examples must be generated in a way that preserves their malicious functionality. We introduce methods capable of generating functionally preserved adversarial malware examples in the binary domain. Using the saddle-point formulation, we incorporate the adversarial examples into the training of models that are robust to them. We evaluate the effectiveness of the methods and others in the literature on a set of Portable Execution~(PE) files. Comparison prompts our introduction of an online measure computed during training to assess general expectation of robustness.

Keywords

Cite

@article{arxiv.1801.02950,
  title  = {Adversarial Deep Learning for Robust Detection of Binary Encoded Malware},
  author = {Abdullah Al-Dujaili and Alex Huang and Erik Hemberg and Una-May O'Reilly},
  journal= {arXiv preprint arXiv:1801.02950},
  year   = {2018}
}

Comments

1ST Deep Learning and Security Workshop (co-located with the 39th IEEE Symposium on Security and Privacy)

R2 v1 2026-06-22T23:40:26.787Z