MDEA: Malware Detection with Evolutionary Adversarial Learning

Malware detection has used machine learning to detect malware in programs. These applications feed raw or processed binary data to neural network models that classify files as benign or malicious. Even though this approach has proven effective against dynamic changes, such as encrypting, obfuscating and packing techniques, it is vulnerable to specific evasion attacks in which small changes in the input data cause misclassification at test time. This paper proposes a new approach: MDEA, an Adversarial Malware Detection model that uses evolutionary optimization to create attack samples to make the network robust against evasion attacks. By retraining the model with the evolved malware samples, its performance improves by a significant margin.
