Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2405.14519 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866914249195913216 |
|---|---|
| author | Rando, Marco Demetrio, Luca Rosasco, Lorenzo Roli, Fabio |
| author_facet | Rando, Marco Demetrio, Luca Rosasco, Lorenzo Roli, Fabio |
| contents | Machine learning malware detectors are vulnerable to adversarial EXEmples, i.e., carefully-crafted Windows programs tailored to evade detection. Unlike other adversarial problems, attacks in this context must be functionality-preserving, a constraint that is challenging to address. As a consequence, heuristic algorithms are typically used, which inject new content, either randomly-picked or harvested from legitimate programs. In this paper, we show how learning malware detectors can be cast within a zeroth-order optimization framework, which allows incorporating functionality-preserving manipulations. This permits the deployment of sound and efficient gradient-free optimization algorithms, which come with theoretical guarantees and allow for minimal hyper-parameters tuning. As a by-product, we propose and study ZEXE, a novel zeroth-order attack against Windows malware detection. Compared to state-of-the-art techniques, ZEXE provides improvement in the evasion rate, reducing to less than one third the size of the injected content. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2405_14519 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | A New Formulation for Zeroth-Order Optimization of Adversarial EXEmples in Malware Detection Rando, Marco Demetrio, Luca Rosasco, Lorenzo Roli, Fabio Machine Learning Machine learning malware detectors are vulnerable to adversarial EXEmples, i.e., carefully-crafted Windows programs tailored to evade detection. Unlike other adversarial problems, attacks in this context must be functionality-preserving, a constraint that is challenging to address. As a consequence, heuristic algorithms are typically used, which inject new content, either randomly-picked or harvested from legitimate programs. In this paper, we show how learning malware detectors can be cast within a zeroth-order optimization framework, which allows incorporating functionality-preserving manipulations. This permits the deployment of sound and efficient gradient-free optimization algorithms, which come with theoretical guarantees and allow for minimal hyper-parameters tuning. As a by-product, we propose and study ZEXE, a novel zeroth-order attack against Windows malware detection. Compared to state-of-the-art techniques, ZEXE provides improvement in the evasion rate, reducing to less than one third the size of the injected content. |
| title | A New Formulation for Zeroth-Order Optimization of Adversarial EXEmples in Malware Detection |
| topic | Machine Learning |
| url | https://arxiv.org/abs/2405.14519 |