Feature-level Malware Obfuscation in Deep Learning

TL;DR

This paper investigates how malware obfuscation affects deep learning detection models and proposes data augmentation techniques to improve robustness against feature-level attacks, especially focusing on API calls.

Contribution

It introduces a method to evaluate the impact of feature-level obfuscation on malware detection and demonstrates data augmentation as a defense, particularly effective for API call features.

Findings

Adding benign features increases false negatives in malware detection.

Data augmentation significantly reduces attack success for API call features.

Intents and Permissions are less effective for attack mitigation.

Abstract

We consider the problem of detecting malware with deep learning models, where the malware may be combined with significant amounts of benign code. Examples of this include piggybacking and trojan horse attacks on a system, where malicious behavior is hidden within a useful application. Such added flexibility in augmenting the malware enables significantly more code obfuscation. Hence we focus on the use of static features, particularly Intents, Permissions, and API calls, which we presume cannot be ultimately hidden from the Android system, but only augmented with yet more such features. We first train a deep neural network classifier for malware classification using features of benign and malware samples. Then we demonstrate a steep increase in false negative rate (i.e., attacks succeed), simply by randomly adding features of a benign app to malware. Finally we test the use of data augmentation to harden the classifier against such attacks. We find that for API calls, it is possible to reject the vast majority of attacks, where using Intents or Permissions is less successful.