secml-malware: Pentesting Windows Malware Classifiers with Adversarial EXEmples in Python

TL;DR

secml-malware is a Python library designed to evaluate the robustness of Windows malware classifiers against adversarial attacks, enabling automated penetration testing with state-of-the-art attack methods while maintaining malware functionality.

Contribution

It introduces the first Python tool for adversarial attack simulation on Windows malware classifiers, facilitating robustness assessment and extension with new attack strategies.

Findings

Supports white-box and black-box attacks

Preserves malware functionality during manipulations

Enables automated robustness evaluation

Abstract

Machine learning has been increasingly used as a first line of defense for Windows malware detection. Recent work has however shown that learning-based malware detectors can be evaded by carefully-perturbed input malware samples, referred to as adversarial EXEmples, thus demanding for tools that can ease and automate the adversarial robustness evaluation of such detectors. To this end, we present secml-malware, the first Python library for computing adversarial attacks on Windows malware detectors. secml-malware implements state-of-the-art white-box and black-box attacks on Windows malware classifiers, by leveraging a set of feasible manipulations that can be applied to Windows programs while preserving their functionality. The library can be used to perform the penetration testing and assessment of the adversarial robustness of Windows malware detectors, and it can be easily extended to include novel attack strategies. Our library is available at https://github.com/pralab/secml_malware.