Protecting from Malware Obfuscation Attacks through Adversarial Risk   Analysis

Alberto Redondo; David Rios Insua

arXiv:1911.03653·cs.CR·November 12, 2019

Protecting from Malware Obfuscation Attacks through Adversarial Risk Analysis

Alberto Redondo, David Rios Insua

PDF

TL;DR

This paper addresses the challenge of malware obfuscation by analyzing the risks using adversarial risk analysis, proposing an improved detection approach to enhance security against obfuscated malware.

Contribution

It introduces an adversarial risk analysis framework tailored for malware obfuscation, improving detection capabilities over standard algorithms.

Findings

01

Demonstrates the limitations of existing detection algorithms against obfuscated malware.

02

Proposes an adversarial risk analysis method that enhances malware detection.

03

Validates the approach with an example using metamorphic software.

Abstract

Malware constitutes a major global risk affecting millions of users each year. Standard algorithms in detection systems perform insufficiently when dealing with malware passed through obfuscation tools. We illustrate this studying in detail an open source metamorphic software, making use of a hybrid framework to obtain the relevant features from binaries. We then provide an improved alternative solution based on adversarial risk analysis which we illustrate describe with an example.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.