Saved in:
Bibliographic Details
Main Authors: Rando, Marco, Demetrio, Luca, Rosasco, Lorenzo, Roli, Fabio
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2405.14519
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914249195913216
author Rando, Marco
Demetrio, Luca
Rosasco, Lorenzo
Roli, Fabio
author_facet Rando, Marco
Demetrio, Luca
Rosasco, Lorenzo
Roli, Fabio
contents Machine learning malware detectors are vulnerable to adversarial EXEmples, i.e., carefully-crafted Windows programs tailored to evade detection. Unlike other adversarial problems, attacks in this context must be functionality-preserving, a constraint that is challenging to address. As a consequence, heuristic algorithms are typically used, which inject new content, either randomly-picked or harvested from legitimate programs. In this paper, we show how learning malware detectors can be cast within a zeroth-order optimization framework, which allows incorporating functionality-preserving manipulations. This permits the deployment of sound and efficient gradient-free optimization algorithms, which come with theoretical guarantees and allow for minimal hyper-parameters tuning. As a by-product, we propose and study ZEXE, a novel zeroth-order attack against Windows malware detection. Compared to state-of-the-art techniques, ZEXE provides improvement in the evasion rate, reducing to less than one third the size of the injected content.
format Preprint
id arxiv_https___arxiv_org_abs_2405_14519
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle A New Formulation for Zeroth-Order Optimization of Adversarial EXEmples in Malware Detection
Rando, Marco
Demetrio, Luca
Rosasco, Lorenzo
Roli, Fabio
Machine Learning
Machine learning malware detectors are vulnerable to adversarial EXEmples, i.e., carefully-crafted Windows programs tailored to evade detection. Unlike other adversarial problems, attacks in this context must be functionality-preserving, a constraint that is challenging to address. As a consequence, heuristic algorithms are typically used, which inject new content, either randomly-picked or harvested from legitimate programs. In this paper, we show how learning malware detectors can be cast within a zeroth-order optimization framework, which allows incorporating functionality-preserving manipulations. This permits the deployment of sound and efficient gradient-free optimization algorithms, which come with theoretical guarantees and allow for minimal hyper-parameters tuning. As a by-product, we propose and study ZEXE, a novel zeroth-order attack against Windows malware detection. Compared to state-of-the-art techniques, ZEXE provides improvement in the evasion rate, reducing to less than one third the size of the injected content.
title A New Formulation for Zeroth-Order Optimization of Adversarial EXEmples in Malware Detection
topic Machine Learning
url https://arxiv.org/abs/2405.14519