Dr Kehinde Babaagba K.Babaagba@napier.ac.uk
Lecturer
Automatic Generation of Adversarial Metamorphic Malware Using MAP-Elites
Babaagba, Kehinde O.; Tan, Zhiyuan; Hart, Emma
Authors
Dr Thomas Tan Z.Tan@napier.ac.uk
Associate Professor
Prof Emma Hart E.Hart@napier.ac.uk
Professor
Abstract
In the field of metamorphic malware detection, training a detection model with malware samples that reflect potential mutants of the malware is crucial in developing a model resistant to future attacks. In this paper, we use a Multi-dimensional Archive of Phenotypic Elites (MAP-Elites) algorithm to generate a large set of novel, malicious mutants that are diverse with respect to their behavioural and structural similarity to the original mutant. Using two classes of malware as a test-bed, we show that the MAP-Elites algorithm produces a large and diverse set of mutants, that evade between 64% to 72% of the 63 detection engines tested. When compared to results obtained using repeated runs of an Evolutionary Algorithm that converges to a single solution result , the MAP-Elites approach is shown to produce a significantly more diverse range of solutions, while providing equal or improved results in terms of evasiveness, depending on the dataset in question. In addition, the archive produced by MAP-Elites sheds insight into the properties of a sample that lead to them being undetectable by a suite of existing detection engines.
Citation
Babaagba, K. O., Tan, Z., & Hart, E. (2020, April). Automatic Generation of Adversarial Metamorphic Malware Using MAP-Elites. Presented at EvoStar 2020, Seville, Spain
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | EvoStar 2020 |
| Start Date | Apr 15, 2020 |
| End Date | Apr 17, 2020 |
| Acceptance Date | Jan 9, 2020 |
| Online Publication Date | Apr 9, 2020 |
| Publication Date | Apr 9, 2020 |
| Deposit Date | Feb 12, 2020 |
| Publicly Available Date | Feb 17, 2020 |
| Publisher | Springer |
| Pages | 117-132 |
| Series Title | Lecture Notes in Computer Science |
| Series Number | 12104 |
| Series ISSN | 0302-9743 |
| Book Title | Applications of Evolutionary Computation. EvoApplications 2020 |
| Chapter Number | 8 |
| ISBN | 9783030437213 |
| DOI | https://doi.org/10.1007/978-3-030-43722-0_8 |
| Keywords | Metamorphic Malware; MAP-Elites; Machine-Learning |
| Public URL | http://researchrepository.napier.ac.uk/Output/2554363 |
Files
Automatic Generation Of Adversarial Metamorphic Malware Using MAP-Elites
(1000 Kb)
PDF
You might also like
Nowhere Metamorphic Malware Can Hide - A Biological Evolution Inspired Detection Scheme
(2019)
Presentation / Conference Contribution
Evolutionary based Transfer Learning Approach to Improving Classification of Metamorphic Malware
(2023)
Presentation / Conference Contribution