CR, LG | Oct 19, 2020

Against All Odds: Winning the Defense Challenge in an Evasion Competition with Diversification

arXiv:2010.09569v1 | 14 citations | Has Code
Originality: Incremental advance
AI Analysis

This work addresses the security of malware detection systems for cybersecurity applications, though it is incremental as it builds on existing adversarial learning concepts.

The authors tackled the problem of defending machine learning-based malware detection systems against evasion attacks by developing PEberus, which won first place in the Microsoft Evasion Competition defender challenge, resisting various attacks from independent attackers.

Machine learning-based systems for malware detection operate in a hostile environment. Consequently, adversaries will also target the learning system and use evasion attacks to bypass the detection of malware. In this paper, we outline our learning-based system PEberus that got the first place in the defender challenge of the Microsoft Evasion Competition, resisting a variety of attacks from independent attackers. Our system combines multiple, diverse defenses: we address the semantic gap, use various classification models, and apply a stateful defense. This competition gives us the unique opportunity to examine evasion attacks under a realistic scenario. It also highlights that existing machine learning methods can be hardened against attacks by thoroughly analyzing the attack surface and implementing concepts from adversarial learning. Our defense can serve as an additional baseline in the future to strengthen the research on secure learning.

Code Implementations: 2 repos