Combining Generators of Adversarial Malware Examples to Increase Evasion Rate

Matouš Kozák; Martin Jureček

doi:10.5220/0012127700003555

Combining Generators of Adversarial Malware Examples to Increase Evasion Rate

Matouš Kozák, Martin Jureček

2023

Abstract

Antivirus developers are increasingly embracing machine learning as a key component of malware defense. While machine learning achieves cutting-edge outcomes in many fields, it also has weaknesses that are exploited by several adversarial attack techniques. Many authors have presented both white-box and black-box generators of adversarial malware examples capable of bypassing malware detectors with varying success. We propose to combine contemporary generators in order to increase their potential. Combining different generators can create more sophisticated adversarial examples that are more likely to evade anti-malware tools. We demonstrated this technique on five well-known generators and recorded promising results. The best-performing combination of AMG-random and MAB-Malware generators achieved an average evasion rate of 15.9% against top-tier antivirus products. This represents an average improvement of more than 36% and 627% over using only the AMG-random and MAB-Malware generators, respectively. The generator that benefited the most from having another generator follow its procedure was the FGSM injection attack, which improved the evasion rate on average between 91.97% and 1,304.73%, depending on the second generator used. These results demonstrate that combining different generators can significantly improve their effectiveness against leading antivirus programs.

Download

Paper Citation

in Harvard Style

Kozák M. and Jureček M. (2023). Combining Generators of Adversarial Malware Examples to Increase Evasion Rate. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 778-786. DOI: 10.5220/0012127700003555

in Bibtex Style

@conference{secrypt23,
author={Matouš Kozák and Martin Jureček},
title={Combining Generators of Adversarial Malware Examples to Increase Evasion Rate},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={778-786},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012127700003555},
isbn={978-989-758-666-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Combining Generators of Adversarial Malware Examples to Increase Evasion Rate
SN - 978-989-758-666-8
AU - Kozák M.
AU - Jureček M.
PY - 2023
SP - 778
EP - 786
DO - 10.5220/0012127700003555
PB - SciTePress