Research On Evasion Attack Methods For Malware Based On Generative Adversarial Networks

Malware has become one of the most serious threats to national security.In order to more effectively detect and prevent malware,an increasing number of anti-virus companies are adopting machine learning techniques to improve the accuracy of malware detection and the ability to detect unknown attacks.However,with the rise of adversarial learning techniques,machine learning itself has also given rise to security issues.Recent research has shown that deep learning models can make incorrect decisions by introducing subtle perturbations to the input.This allows attackers to evade malware detection models by modifying input data based on the idea of adversarial samples,resulting in evasion attacks that pose a serious threat to machine learning-based malware detection technologies.However,most evasion attack methods currently suffer from small perturbation spaces,limited perturbation forms,and a dependence on query count during the attack process,resulting in poor effectiveness in real-world scenarios.This paper aims to address these issues by proposing and implementing the following research:(1)A malware perturbation method based on an ensemble strategy is proposed and implemented.By exploring executable file structures,two feasible perturbation methods that satisfy the constraints of the malware domain,namely,structure-based and behavior-based perturbations,are summarized.By implementing an ensemble strategy,the perturbation space and form can be increased while retaining the malicious functionality and authenticity of the sample.Experimental results show that this ensemble strategy has better attack effectiveness.(2)A malware evasion attack framework based on generative adversarial networks is proposed and implemented.By allowing the discriminator to dynamically distil the decision boundary of the black-box target model and training the generator to generate adversarial samples to bypass the discriminator,the generator can be used to achieve evasion attacks after the training process,effectively improving the attack’s stealthiness.Experimental results show that this framework is more effective for evasion attacks on deep learning models based on byte sequences,and achieves a 100% evasion attack success rate with just 5% perturbation space.(3)A prototype system for malware evasion attacks is designed and implemented.Based on the open-source cuckoo sandbox,an intelligent malware detection module and a malware evasion attack module are developed.The intelligent detection module supports global configuration and user-defined processes such as feature extraction,feature engineering,and detection model deployment.The evasion attack module supports global configuration and user-defined processes such as perturbation method selection and attack model deployment.By comparing the intelligent detection results before and after the attack,successful attack samples can be saved for subsequent research and analysis.This work has important value in achieving malware evasion attacks from the perspective of adversarial samples,and provides inspiration for designing more robust detection models to defend against evasion attacks.