@inproceedings{d8a095d9ae314a2d81beff182b313db1,
title = "Malware Makeover: Breaking ML-based Static Analysis by Modifying Executable Bytes",
abstract = "Motivated by the transformative impact of deep neural networks (DNNs) in various domains, researchers and anti-virus vendors have proposed DNNs for malware detection from raw bytes that do not require manual feature engineering. In this work, we propose an attack that interweaves binary-diversification techniques and optimization frameworks to mislead such DNNs while preserving the functionality of binaries. Unlike prior attacks, ours manipulates instructions that are a functional part of the binary, which makes it particularly challenging to defend against. We evaluated our attack against three DNNs in white-and black-box settings, and found that it often achieved success rates near 100%. Moreover, we found that our attack can fool some commercial anti-viruses, in certain cases with a success rate of 85%. We explored several defenses, both new and old, and identified some that can foil over 80% of our evasion attempts. However, these defenses may still be susceptible to evasion by attacks, and so we advocate for augmenting malware-detection systems with methods that do not rely on machine learning.",
keywords = "adversarial machine learning, malware, neural networks, security",
author = "Keane Lucas and Mahmood Sharif and Lujo Bauer and Reiter, {Michael K.} and Saurabh Shintre",
note = "Publisher Copyright: {\textcopyright} 2021 Owner/Author.; 16th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2021 ; Conference date: 07-06-2021 Through 11-06-2021",
year = "2021",
month = may,
day = "24",
doi = "https://doi.org/10.1145/3433210.3453086",
language = "الإنجليزيّة",
series = "ASIA CCS 2021 - Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security",
pages = "744--758",
booktitle = "ASIA CCS 2021 - Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security",
}