A Comparison of State-of-the-Art Techniques for Generating Adversarial Malware Binaries
Prithviraj Dasgupta, Zachariah Osman

TL;DR
This paper compares recent adversarial malware generation techniques, evaluating their effectiveness in evading machine learning-based malware detectors, and finds that header modification is most effective.
Contribution
It provides a comparative analysis of three state-of-the-art adversarial malware generation methods using a common dataset and classifier.
Findings
Header modification is most effective for evasion.
All techniques show varying success rates.
Insights into future research directions are discussed.
Abstract
We consider the problem of generating adversarial malware by a cyber-attacker where the attacker's task is to strategically modify certain bytes within existing binary malware files, so that the modified files are able to evade a malware detector such as a machine learning-based malware classifier. We have evaluated three recent adversarial malware generation techniques using binary malware samples drawn from a single, publicly available malware data set and compared their performance in evading a machine learning-based malware classifier called MalConv. Our results show that among the compared techniques, the most effective technique is the one that strategically modifies bytes in a binary's header. We conclude by discussing the lessons learned and future research directions on the topic of adversarial malware generation.
Taxonomy
Topics: Advanced Malware Detection Techniques · Adversarial Robustness in Machine Learning · Network Security and Intrusion Detection
