Static Malware Detection & Subterfuge: Quantifying the Robustness of Machine Learning and Current Anti-Virus

06/12/2018
by William Fleshman, et al.

As machine-learning (ML) based systems for malware detection become more prevalent, it becomes necessary to quantify their benefits compared to the more traditional anti-virus (AV) systems widely used today. It is not practical to build an agreed-upon test set to benchmark malware detection systems on pure classification performance. Instead, we tackle the problem by creating a new testing methodology, where we evaluate the change in performance on a set of known benign & malicious files as adversarial modifications are performed. The change in performance combined with the evasion techniques then quantifies a system's robustness against that approach. Through these experiments we are able to show in a quantifiable way how purely ML-based systems can be more robust than AV products at detecting malware that attempts evasion through modification, but may be slower to adapt in the face of significantly novel attacks.


