Automatic optimization for generating adversarial malware based on prioritized evolutionary computing

Abstract

Machine learning has been widely applied to malware detection tasks; but unfortunately, they exhibit significant vulnerability to adversarial attacks and can be easily circumvented using perturbation carefully crafted. Concurrently, we are witnessing a corresponding increase in the attention dedicated to adversarial attacks against malware detection models. Nevertheless, current research on adversarial examples still faces obstacles such as poor escape effectiveness and difficulty in preserving functionality. Particularly, greedily recruiting the best manipulations from a vast search space often leads to poor diversity of adversarial perturbation sequence. To rectify these shortcomings, this paper proposes an automated, continuously optimized approach for generating malware adversarial examples based on evolutionary computing. Our method filters effective action sequences from a large pool of random manipulations, assigning different priorities to different actions. The generation and optimization of adversarial examples are formalized as a sparse minimization optimization problem based on a fixed-length action vector. We introduce AOP-Mal, a novel genetic framework to automatically generate and optimize adversarial examples. The initialization and evolution of the population depend on the priority of actions, as well as the proposed novel evolutionary operator. The experimental results demonstrate that our attack strategy effectively bypasses the detection mechanisms and outperforms most state-of-the-art malware adversarial frameworks. Our hope is to help researchers understand the intentions of attackers and explore more powerful defense mechanisms.