Chinese Journal of Network and Information Security (网络与信息安全学报), 2024, Vol. 10, Issue 5: 152-162, 11. DOI: 10.11959/j.issn.2096-109x.2024074
Adversarial method for malicious ELF file detection based on deep reinforcement learning
Abstract
In recent years, research on detecting malicious executable and linkable format (ELF) files based on deep learning has made significant progress. At the same time, adversarial attacks on models have also gained widespread attention. Attackers can generate adversarial examples to mislead neural networks, causing malicious software to be misclassified as benign and thereby evading detection. Although various methods for generating adversarial examples have been proposed, they are often not suitable for modifying ELF files or lack the ability to transfer across different detection models. To overcome the limitations of existing methods, an adversarial example generation method based on deep reinforcement learning was proposed. This method generated adversarial examples by constructing optimal perturbation bytes for the target detection model while preserving the original functionality of the ELF files, without relying on the internal details of the target model. The experimental results showed that the adversarial examples generated by this method achieved a 76.80% success rate in evading the target detection model, and could enhance the robustness of the model through adversarial training.

Key words
deep reinforcement learning / malware detection / adversarial samples / ELF file

Classification
Information technology and security science

Cite this article
Sun He (孙贺), Zhang Bocheng (张博成), Geng Jiaxuan (耿嘉炫), Wu Di (吴迪), Wang Junfeng (王俊峰), Fang Zhiyang (方智阳). Adversarial method for malicious ELF file detection based on deep reinforcement learning [J]. Chinese Journal of Network and Information Security, 2024, 10(5): 152-162, 11.

Funding
The National Natural Science Foundation of China (U2133208)
The Key Research and Development Program of Science and Technology Department of Sichuan Province (2023YFG0290)