Efficient Black-box Optimization of Adversarial EXE Windows Malware

Windows malware detectors based on machine learning are vulnerable to adversarial examples, even if the attacker only has black-box access to the model.

However, of these attacks is that they require executing the adversarial malware sample in a sandbox at each iteration of its optimization process, to ensure that its intrusive functionality is preserved.

In this talk, we present a novel black-box attack that leverages a set of semantics-preserving, constrained malware manipulations to overcome this computationally-demanding validation step. 

Our attack is formalized as a constrained minimization problem which also enables optimizing the trade-off between the probability of evading detection and the size of the adversarial payload.

We investigate this trade-off empirically, on two static malware detectors, and show that our black-box attack is able to bypass them with only few iterations.

We conclude by discussing the limitations of our approach, and possible future extensions to target dynamic-based malware classifiers.



Luca Demetrio is a third-year Ph.D. student of the “Università degli Studi di Genova”, in Italy.

His main interests focus on the application of Adversarial Machine Learning techniques for Malware Detection.

Jointly working with Prof. Biggio, he is developing new white-box and black-box attacks against these kinds of detectors, leveraging the manipulation of malware samples with transformations that are semantics-invariant by design.


Latest news

The positive development of a privacy preserv...

Since the beginning of the year, we have watched COVID-19 cases fluctuate around the world, turning ...

How AI can learn to win the cybersecurity “game”

Cybersecurity is an incredibly serious business. So thinking of it as a game may seem a little odd. ...

Global audience makes first virtual CyberSec&...

The first virtual edition of CyberSec&AI Connected took place on October 8th. Building on 2019...

CyberSec&AI Connected is here!

After a year of planning and preparation, CyberSec&AI Connected has arrived. Today sees delegate...