Automatic Generation of Adversarial Metamorphic Malware Using MAP-Elites
| Autor: | Zhiyuan Tan, Emma Hart, Kehinde O. Babaagba |
|---|---|
| Rok vydání: | 2020 |
| Předmět: | |
| Zdroj: | Applications of Evolutionary Computation ISBN: 9783030437213 EvoApplications |
| Popis: | In the field of metamorphic malware detection, training a detection model with malware samples that reflect potential mutants of the malware is crucial in developing a model resistant to future attacks. In this paper, we use a Multi-dimensional Archive of Phenotypic Elites (MAP-Elites) algorithm to generate a large set of novel, malicious mutants that are diverse with respect to their behavioural and structural similarity to the original mutant. Using two classes of malware as a test-bed, we show that the MAP-Elites algorithm produces a large and diverse set of mutants, that evade between 64% to 72% of the 63 detection engines tested. When compared to results obtained using repeated runs of an Evolutionary Algorithm that converges to a single solution result, the MAP-Elites approach is shown to produce a significantly more diverse range of solutions, while providing equal or improved results in terms of evasiveness, depending on the dataset in question. In addition, the archive produced by MAP-Elites sheds insight into the properties of a sample that lead to them being undetectable by a suite of existing detection engines. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|