Optimization-Guided Binary Diversification to Mislead Neural Networks for Malware Detection

by Mahmood Sharif, et al.

Motivated by the transformative impact of deep neural networks (DNNs) on different areas (e.g., image and speech recognition), researchers and anti-virus vendors are proposing end-to-end DNNs for malware detection from raw bytes that do not require manual feature engineering. Given the security sensitivity of the task that these DNNs aim to solve, it is important to assess their susceptibility to evasion. In this work, we propose an attack that guides binary-diversification tools via optimization to mislead DNNs for malware detection while preserving the functionality of binaries. Unlike previous attacks on such DNNs, ours manipulates instructions that are a functional part of the binary, which makes it particularly challenging to defend against. We evaluated our attack against three DNNs in white-box and black-box settings, and found that it can often achieve success rates near 100 some commercial anti-viruses, in certain cases with a success rate of 85 explored several defenses, both new and old, and identified some that can successfully prevent over 80 may still be susceptible to evasion by adaptive attackers, and so we advocate for augmenting malware-detection systems with methods that do not rely on machine learning.




Instance Attack: An Explanation-based Vulnerability Analysis Framework Against DNNs for Malware Detection

Deep neural networks (DNNs) are increasingly being applied in malware de...

Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers

In this paper, we present a black-box attack against API call based mach...

Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning

Machine learning is a popular approach to signatureless malware detectio...

EvadeDroid: A Practical Evasion Attack on Machine Learning for Black-box Android Malware Detection

Over the last decade, several studies have investigated the weaknesses o...

HashTran-DNN: A Framework for Enhancing Robustness of Deep Neural Networks against Adversarial Malware Samples

Adversarial machine learning in the context of image processing and rela...

Adversarial Examples on Discrete Sequences for Beating Whole-Binary Malware Detection

In recent years, deep learning has shown performance breakthroughs in ma...

Deep-Net: Deep Neural Network for Cyber Security Use Cases

Deep neural networks (DNNs) have witnessed as a powerful approach in thi...
