AIMED: Evolving Malware with Genetic Programming to Evade Detection
Citations Over Time: Top 10% of 2019 papers
Abstract
Genetic Programming (GP) has previously achieved valuable results in the fields of image processing and arcade learning. Similarly, it can be used as an adversarial learning approach to evolve malware samples until static learning classifiers are no longer able to detect them. While the implementation is relatively simple compared with other Machine Learning approaches, results proved that GP can be a competitive solution for finding adversarial malware examples compared with similar methods. Thus, AIMED (Automatic Intelligent Malware Modifications to Evade Detection) was designed and implemented using genetic algorithms to evade malware classifiers. Our experiments suggest that the time to achieve adversarial malware samples can be reduced by up to 50% compared to classic random approaches. Moreover, we implemented AIMED to generate adversarial examples using individual malware scanners as targets and tested the evasive files against further classifiers from both research and industry. The generated examples achieved cross-evasion rates of up to 82% among the classifiers.