Protecting from Malware Obfuscation Attacks through Adversarial Risk Analysis
This paper addresses malware detection for cybersecurity users, but appears incremental, as it builds on existing adversarial analysis methods.
The paper tackles the problem of malware detection systems failing against obfuscated malware, and proposes an improved solution based on adversarial risk analysis, though no concrete performance numbers are provided.
Malware constitutes a major global risk affecting millions of users each year. Standard algorithms in detection systems perform insufficiently when dealing with malware passed through obfuscation tools. We illustrate this by studying in detail an open-source metamorphic software tool, making use of a hybrid framework to obtain the relevant features from binaries. We then provide an improved alternative solution based on adversarial risk analysis, which we describe with an example.