Dr Kehinde Babaagba K.Babaagba@napier.ac.uk
Lecturer
Automatic Generation of Adversarial Metamorphic Malware Using MAP-Elites
Babaagba, Kehinde O.; Tan, Zhiyuan; Hart, Emma
Authors
Dr Thomas Tan Z.Tan@napier.ac.uk
Associate Professor
Prof Emma Hart E.Hart@napier.ac.uk
Professor
Abstract
In the field of metamorphic malware detection, training a detection model with malware samples that reflect potential mutants of the malware is crucial in developing a model resistant to future attacks. In this paper, we use a Multi-dimensional Archive of Phenotypic Elites (MAP-Elites) algorithm to generate a large set of novel, malicious mutants that are diverse with respect to their behavioural and structural similarity to the original mutant. Using two classes of malware as a test-bed, we show that the MAP-Elites algorithm produces a large and diverse set of mutants, that evade between 64% to 72% of the 63 detection engines tested. When compared to results obtained using repeated runs of an Evolutionary Algorithm that converges to a single solution result , the MAP-Elites approach is shown to produce a significantly more diverse range of solutions, while providing equal or improved results in terms of evasiveness, depending on the dataset in question. In addition, the archive produced by MAP-Elites sheds insight into the properties of a sample that lead to them being undetectable by a suite of existing detection engines.
| Presentation Conference Type | Conference Paper (Published) |
|---|---|
| Conference Name | EvoStar 2020 |
| Start Date | Apr 15, 2020 |
| End Date | Apr 17, 2020 |
| Acceptance Date | Jan 9, 2020 |
| Online Publication Date | Apr 9, 2020 |
| Publication Date | Apr 9, 2020 |
| Deposit Date | Feb 12, 2020 |
| Publicly Available Date | Feb 17, 2020 |
| Publisher | Springer |
| Pages | 117-132 |
| Series Title | Lecture Notes in Computer Science |
| Series Number | 12104 |
| Series ISSN | 0302-9743 |
| Book Title | Applications of Evolutionary Computation. EvoApplications 2020 |
| Chapter Number | 8 |
| ISBN | 9783030437213 |
| DOI | https://doi.org/10.1007/978-3-030-43722-0_8 |
| Keywords | Metamorphic Malware; MAP-Elites; Machine-Learning |
| Public URL | http://researchrepository.napier.ac.uk/Output/2554363 |
Files
Automatic Generation Of Adversarial Metamorphic Malware Using MAP-Elites
(1000 Kb)
PDF
You might also like
Nowhere Metamorphic Malware Can Hide - A Biological Evolution Inspired Detection Scheme
(2019)
Presentation / Conference Contribution
A Study on the Effect of Feature Selection on Malware Analysis using Machine Learning
(2019)
Presentation / Conference Contribution
A Generative Neural Network for Enhancing Android Metamorphic Malware Detection based on Behaviour Profiling
(2022)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search