A Comparison of State-of-the-Art Techniques for Generating Adversarial Malware Binaries
This work addresses cybersecurity threats by attackers, but it is incremental as it compares existing methods without introducing new ones.
The paper tackled the problem of generating adversarial malware to evade machine learning-based detectors by comparing three recent techniques on a public dataset, finding that modifying bytes in the binary header was most effective.
We consider the problem of generating adversarial malware by a cyber-attacker where the attacker's task is to strategically modify certain bytes within existing binary malware files, so that the modified files are able to evade a malware detector such as machine learning-based malware classifier. We have evaluated three recent adversarial malware generation techniques using binary malware samples drawn from a single, publicly available malware data set and compared their performances for evading a machine-learning based malware classifier called MalConv. Our results show that among the compared techniques, the most effective technique is the one that strategically modifies bytes in a binary's header. We conclude by discussing the lessons learned and future research directions on the topic of adversarial malware generation.