Abstract

Behavior-based malware detection approaches combined with deep learning techniques are effective against unknown malware and malware variants. However, such approaches are vulnerable to adversarial attacks. Adversarial malware is carefully optimized to evade detection by embedding numerous anti-detection techniques, e.g., inserting irrelevant API calls or placing API calls in loops during program execution to mask the real malicious intent. To address this problem, we propose a novel ensemble adversarial dynamic behavior detection method aimed at three features of malicious API sequences, namely Immediacy, Locality, and Adversary. The individual classifiers of the ensemble follow the "excellent and diverse" principle. We conduct extensive experiments over large sets of real benign and malicious samples and design a generic, query-efficient gray-box adversarial attack to evaluate our model. The experimental results indicate that, compared with the individual classifiers, detection accuracy improves by 2.55% to 11.34% (without attack), 8.64% to 21.33% (random perturbation), and 10.07% to 21.34% (benign perturbation) respectively. To sum up, our method provides better effectiveness, generality, and resilience without the constant re-training of the detector that would otherwise be needed to keep up with the evolution of adversarial malware.
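The evasion described above (irrelevant API calls, looped calls, random versus benign perturbation, a gray-box attacker that only sees scores) can be made concrete with a toy model. The following is an added example for this page, not the paper's code, model or data: the two detector members (a global bigram-frequency model and a local "most suspicious pair" model), their weights and thresholds, the API traces, and the function names are all constructed. "Random perturbation" is stood in for by scanning the vocabulary in sorted order so the run is reproducible; "benign perturbation" inserts adjacent pairs lifted from benign traces. The attack is insertion-only, so every original call keeps its order and the injected behaviour still executes.

```python
"""Insertion-only evasion of API-sequence detectors, and why an ensemble helps.

Added example for this page; it is not the paper's code, model or data.
Every trace, API name, weight and threshold below is constructed.
"""
from itertools import product
from typing import Callable, List, Sequence, Tuple

ApiSeq = Tuple[str, ...]

# Constructed traces. The malware trace is a textbook remote-thread injection;
# the benign traces are ordinary file and registry activity.
MALWARE_TRACE: ApiSeq = ("OpenProcess", "VirtualAllocEx", "WriteProcessMemory",
                         "CreateRemoteThread", "CloseHandle")
BENIGN_TRACES: List[ApiSeq] = [
    ("GetModuleHandle", "GetProcAddress", "CreateFile", "ReadFile", "CloseHandle"),
    ("RegOpenKey", "RegQueryValue", "RegCloseKey", "GetSystemTime"),
    ("CreateFile", "WriteFile", "FlushFileBuffers", "CloseHandle"),
]
VOCAB = sorted({api for t in BENIGN_TRACES + [MALWARE_TRACE] for api in t})

# Hypothetical linear weights over API bigrams, standing in for a trained model.
BIGRAM_WEIGHTS = {
    ("OpenProcess", "VirtualAllocEx"): 1.5,
    ("VirtualAllocEx", "WriteProcessMemory"): 2.0,
    ("WriteProcessMemory", "CreateRemoteThread"): 3.0,
    ("GetModuleHandle", "GetProcAddress"): -0.5,
    ("CreateFile", "ReadFile"): -0.5,
    ("RegOpenKey", "RegQueryValue"): -0.5,
}
FREQ_THRESHOLD, LOCAL_THRESHOLD = 0.5, 1.0   # raw decision thresholds per member


def bigrams(seq: Sequence[str]) -> List[Tuple[str, str]]:
    return list(zip(seq, seq[1:]))


def frequency_score(seq: Sequence[str]) -> float:
    """Global member: mean bigram weight, divided by its threshold so >= 1.0 flags.
    Vulnerable to dilution: padding with harmless calls shrinks the mean."""
    bg = bigrams(seq)
    return 0.0 if not bg else sum(BIGRAM_WEIGHTS.get(b, 0.0) for b in bg) / len(bg) / FREQ_THRESHOLD


def locality_score(seq: Sequence[str]) -> float:
    """Local member: the single most suspicious adjacent pair, however long the trace.
    Immune to dilution, but a filler inserted *between* the pair breaks it."""
    bg = bigrams(seq)
    return 0.0 if not bg else max(BIGRAM_WEIGHTS.get(b, 0.0) for b in bg) / LOCAL_THRESHOLD


def ensemble_score(seq: Sequence[str]) -> float:
    """OR-style ensemble of diverse members: flagged when any member flags."""
    return max(frequency_score(seq), locality_score(seq))


def is_subsequence(original: Sequence[str], candidate: Sequence[str]) -> bool:
    """True when every original call survives in order (the injection still runs)."""
    it = iter(candidate)
    return all(api in it for api in original)


def insertion_attack(seq: Sequence[str], oracle: Callable[[Sequence[str]], float],
                     fillers: Sequence[ApiSeq], budget: int = 500):
    """Query-efficient gray-box evasion by first-improvement hill climbing.

    The attacker sees only the oracle's score (no weights, no gradients). It walks
    fillers x insertion positions, accepts the first edit that lowers the score,
    and restarts from the new trace. Edits are insert-only, so the original calls
    keep their relative order. Returns (adversarial trace, final score, queries).
    """
    current, score, queries = list(seq), oracle(seq), 1
    while score >= 1.0 and queries < budget:
        improved = False
        for filler, pos in product(fillers, range(len(current) + 1)):
            if queries >= budget:
                break
            cand = current[:pos] + list(filler) + current[pos:]
            score_c, queries = oracle(cand), queries + 1
            if score_c < score:
                current, score, improved = cand, score_c, True
                break
        if not improved:
            break  # local optimum for single insertions
    assert is_subsequence(seq, current)
    return tuple(current), score, queries


# "Random perturbation": any single API from the vocabulary (scanned in sorted
# order here so the run is reproducible). "Benign perturbation": adjacent pairs
# lifted from benign traces, so the inserts look like real benign behaviour.
IRRELEVANT_FILLERS: List[ApiSeq] = [(api,) for api in VOCAB]
BENIGN_FILLERS: List[ApiSeq] = []
for _trace in BENIGN_TRACES:
    for _pair in bigrams(_trace):
        if _pair not in BENIGN_FILLERS:
            BENIGN_FILLERS.append(_pair)


if __name__ == "__main__":
    for name, oracle in [("frequency only", frequency_score), ("ensemble", ensemble_score)]:
        for label, fillers in [("irrelevant", IRRELEVANT_FILLERS), ("benign", BENIGN_FILLERS)]:
            adv, s, q = insertion_attack(MALWARE_TRACE, oracle, fillers)
            print(f"{name:15} {label:10} evaded={s < 1.0} queries={q} len={len(adv)}")
```

Against the frequency member alone the attacker never needs to touch the malicious calls: it simply prepends `CloseHandle` ten times (the "irrelevant API in a loop" trick) and the mean weight falls below threshold, while the locality member still sees the unbroken `WriteProcessMemory -> CreateRemoteThread` pair at full score. Against the ensemble, dilution buys nothing once the locality member dominates, so the hill climber is forced to split each suspicious pair with an insertion, which costs more queries and produces a trace whose local structure has visibly changed. That is the practical argument for diverse members: each strategy that fools one member is cheap, but the attacker pays for all of them at once.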
