English

Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection

Cryptography and Security 2023-05-25 v2

Abstract

WebAssembly (Wasm) is a low-level binary format for web applications, which has found widespread adoption due to its improved performance and compatibility with existing software. However, the popularity of Wasm has also led to its exploitation for malicious purposes, such as cryptojacking, where malicious actors use a victim's computing resources to mine cryptocurrencies without their consent. To counteract this threat, machine learning-based detection methods aiming to identify cryptojacking activities within Wasm code have emerged. It is well-known that neural networks are susceptible to adversarial attacks, where inputs to a classifier are perturbed with minimal changes that result in a crass misclassification. While applying changes in image classification is easy, manipulating binaries in an automated fashion to evade malware classification without changing functionality is non-trivial. In this work, we propose a new approach to include adversarial examples in the code section of binaries via instrumentation. The introduced gadgets allow for the inclusion of arbitrary bytes, enabling efficient adversarial attacks that reliably bypass state-of-the-art machine learning classifiers such as the CNN-based Minos recently proposed at NDSS 2021. We analyze the cost and reliability of instrumentation-based adversarial example generation and show that the approach works reliably at minimal size and performance overheads.

Keywords

Cite

@article{arxiv.2305.02559,
  title  = {Madvex: Instrumentation-based Adversarial Attacks on Machine Learning Malware Detection},
  author = {Nils Loose and Felix Mächtle and Claudius Pott and Volodymyr Bezsmertnyi and Thomas Eisenbarth},
  journal= {arXiv preprint arXiv:2305.02559},
  year   = {2023}
}

Comments

20 pages. To be published in The 20th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2023)

R2 v1 2026-06-28T10:25:16.738Z