Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers

Add code
Jun 24, 2018
Ishai Rosenberg, Asaf Shabtai, Lior Rokach, Yuval Elovici
Figure 1 for Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers
Figure 2 for Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers
Figure 3 for Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers
Figure 4 for Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

In this paper, we present a black-box attack against API call based machine learning malware classifiers, focusing on generating adversarial sequences combining API calls and static features (e.g., printable strings) that will be misclassified by the classifier without affecting the malware functionality. We show that this attack is effective against many classifiers due to the transferability principle between RNN variants, feed forward DNNs, and traditional machine learning classifiers such as SVM. We also implement GADGET, a software framework to convert any malware binary to a binary undetected by malware classifiers, using the proposed attack, without access to the malware source code.

* Accepted as a conference paper at RAID 2018  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon