Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art

by   Xiang Ling, et al.

The malware has been being one of the most damaging threats to computers that span across multiple operating systems and various file formats. To defend against the ever-increasing and ever-evolving threats of malware, tremendous efforts have been made to propose a variety of malware detection methods that attempt to effectively and efficiently detect malware. Recent studies have shown that, on the one hand, existing ML and DL enable the superior detection of newly emerging and previously unseen malware. However, on the other hand, ML and DL models are inherently vulnerable to adversarial attacks in the form of adversarial examples, which are maliciously generated by slightly and carefully perturbing the legitimate inputs to confuse the targeted models. Basically, adversarial attacks are initially extensively studied in the domain of computer vision, and some quickly expanded to other domains, including NLP, speech recognition and even malware detection. In this paper, we focus on malware with the file format of portable executable (PE) in the family of Windows operating systems, namely Windows PE malware, as a representative case to study the adversarial attack methods in such adversarial settings. To be specific, we start by first outlining the general learning framework of Windows PE malware detection based on ML/DL and subsequently highlighting three unique challenges of performing adversarial attacks in the context of PE malware. We then conduct a comprehensive and systematic review to categorize the state-of-the-art adversarial attacks against PE malware detection, as well as corresponding defenses to increase the robustness of PE malware detection. We conclude the paper by first presenting other related attacks against Windows PE malware detection beyond the adversarial attacks and then shedding light on future research directions and opportunities.


page 4

page 10

page 12

page 18


Effectiveness of Moving Target Defenses for Adversarial Attacks in ML-based Malware Detection

Several moving target defenses (MTDs) to counter adversarial ML attacks ...

MalProtect: Stateful Defense Against Adversarial Query Attacks in ML-based Malware Detection

ML models are known to be vulnerable to adversarial query attacks. In th...

Practical Attacks on Machine Learning: A Case Study on Adversarial Windows Malware

While machine learning is vulnerable to adversarial examples, it still l...

Stegomalware: A Systematic Survey of MalwareHiding and Detection in Images, Machine LearningModels and Research Challenges

Malware distribution to the victim network is commonly performed through...

A Survey on Malware Detection with Graph Representation Learning

Malware detection has become a major concern due to the increasing numbe...

RoboMal: Malware Detection for Robot Network Systems

Robot systems are increasingly integrating into numerous avenues of mode...

A Survey of Recent Advances in Deep Learning Models for Detecting Malware in Desktop and Mobile Platforms

Malware is one of the most common and severe cyber-attack today. Malware...

Please sign up or login with your details

Forgot password? Click here to reset