AMVG: Adaptive Malware Variant Generation Framework Using Machine Learning

Jusop Choi, Dongsoon Shin, Hyoungshick Kim, Jason Seotis, Jin Hong

Research output: Chapter in Book/Conference paper › Conference paper

Abstract

There are advances in detecting malware using machine learning (ML), but it is still a challenging task to detect advanced malware variants (e.g., polymorphic and metamorphic variations). To detect such variants, we first need to understand the methods used to generate them to bypass the detection methods. In this paper, we introduce an adaptive malware variant generation (AMVG) framework to study bypassing malware detection methods efficiently. The AMVG framework uses ML (e.g., genetic algorithm (GA)) to generate malware variants that satisfy specific detection criteria. The use of GA automates the malware variant generations with appropriate modules to handle various input formats. For the experiment, we use malware samples retrieved from theZoo, a collection of malware samples. The results show that we can automatically generate malware variants that satisfy varying detection criteria in a practical amount of time, as well as showing the capabilities to handle different input formats.
Original language: English
Title of host publication: Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing
Publisher: IEEE, Institute of Electrical and Electronics Engineers
Number of pages: 11
ISBN (Electronic): 139781728149615
DOIs: https://doi.org/10.1109/PRDC47002.2019.00055
Publication status: Published - 2019
Event: 24th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2019) - Rihga Royal Hotel Kyoto, Kyoto, Japan
Duration: 1 Dec 2019 to 3 Dec 2019
http://prdc.dependability.org/PRDC2019/

Conference

Conference: 24th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2019)
Abbreviated title: PRDC 2019
Country: Japan
City: Kyoto
Period: 1/12/19 to 3/12/19
Internet address: http://prdc.dependability.org/PRDC2019/

Fingerprint

Learning systems
Genetic algorithms
Malware

Cite this

Choi, J., Shin, D., Kim, H., Seotis, J., & Hong, J. (2019). AMVG: Adaptive Malware Variant Generation Framework Using Machine Learning. In Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing. IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/PRDC47002.2019.00055
Choi, Jusop ; Shin, Dongsoon ; Kim, Hyoungshick ; Seotis, Jason ; Hong, Jin. / AMVG: Adaptive Malware Variant Generation Framework Using Machine Learning. Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing. IEEE, Institute of Electrical and Electronics Engineers, 2019.
@inproceedings{ba3fc85ac3ab467693d7d12046f0f8f3,
title = "AMVG: Adaptive Malware Variant Generation Framework Using Machine Learning",
abstract = "There are advances in detecting malware using machine learning (ML), but it is still a challenging task to detect advanced malware variants (e.g., polymorphic and metamorphic variations). To detect such variants, we first need to understand the methods used to generate them to bypass the detection methods. In this paper, we introduce an adaptive malware variant generation (AMVG) framework to study bypassing malware detection methods efficiently. The AMVG framework uses ML (e.g., genetic algorithm (GA)) to generate malware variants that satisfy specific detection criteria. The use of GA automates the malware variant generations with appropriate modules to handle various input formats. For the experiment, we use malware samples retrieved from theZoo, a collection of malware samples. The results show that we can automatically generate malware variants that satisfy varying detection criteria in a practical amount of time, as well as showing the capabilities to handle different input formats.",
author = "Jusop Choi and Dongsoon Shin and Hyoungshick Kim and Jason Seotis and Jin Hong",
year = "2019",
doi = "10.1109/PRDC47002.2019.00055",
language = "English",
booktitle = "Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}

Choi, J, Shin, D, Kim, H, Seotis, J & Hong, J 2019, AMVG: Adaptive Malware Variant Generation Framework Using Machine Learning. in Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing. IEEE, Institute of Electrical and Electronics Engineers, 24th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2019), Kyoto, Japan, 1/12/19. https://doi.org/10.1109/PRDC47002.2019.00055


TY - GEN

T1 - AMVG: Adaptive Malware Variant Generation Framework Using Machine Learning

AU - Choi, Jusop

AU - Shin, Dongsoon

AU - Kim, Hyoungshick

AU - Seotis, Jason

AU - Hong, Jin

PY - 2019

Y1 - 2019

N2 - There are advances in detecting malware using machine learning (ML), but it is still a challenging task to detect advanced malware variants (e.g., polymorphic and metamorphic variations). To detect such variants, we first need to understand the methods used to generate them to bypass the detection methods. In this paper, we introduce an adaptive malware variant generation (AMVG) framework to study bypassing malware detection methods efficiently. The AMVG framework uses ML (e.g., genetic algorithm (GA)) to generate malware variants that satisfy specific detection criteria. The use of GA automates the malware variant generations with appropriate modules to handle various input formats. For the experiment, we use malware samples retrieved from theZoo, a collection of malware samples. The results show that we can automatically generate malware variants that satisfy varying detection criteria in a practical amount of time, as well as showing the capabilities to handle different input formats.

U2 - 10.1109/PRDC47002.2019.00055

DO - 10.1109/PRDC47002.2019.00055

M3 - Conference paper

BT - Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing

PB - IEEE, Institute of Electrical and Electronics Engineers

ER -

Choi J, Shin D, Kim H, Seotis J, Hong J. AMVG: Adaptive Malware Variant Generation Framework Using Machine Learning. In Proceedings of the 24th IEEE Pacific Rim International Symposium on Dependable Computing. IEEE, Institute of Electrical and Electronics Engineers. 2019 https://doi.org/10.1109/PRDC47002.2019.00055