Conclusion
Built With
PyTorch - Open source machine learning library based on the Torch library.
Lief - A cross-platform library that can parse and abstract ELF, PE and MachO formats.
PE Bliss - PE library for rebuilding PE files, written in C++.
Gym-Malware - Malware manipulation environment for OpenAI's gym.
MalwareGAN - Adversarial Malware Generation Using GANs.
Acknowledgments
Gym-Malware Environment: https://github.com/endgameinc/gym-malware. The environment was modified to add a GAN, and mutations were added, changed, or removed to improve the evasiveness of the malware while maintaining its functionality.
Yanming Lai's (https://github.com/yanminglai/Malware-GAN) and Zayd Hammoudeh's (https://github.com/ZaydH/MalwareGAN) work on implementing Hu and Tan's MalGAN played a crucial role in our understanding of the architecture. The majority of the MalGAN implementation used in this project was forked from Hammoudeh's work.
References
Anderson, H., Kharkar, A., Filar, B., Evans, D. and Roth, P. (2018). Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning. [online] arXiv.org. Available at: https://arxiv.org/abs/1801.08917.
Docs.microsoft.com. (n.d.). PE Format - Windows applications. [online] Available at: https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#general-concepts.
Fang, Z., Wang, J., Li, B., Wu, S., Zhou, Y. and Huang, H. (2019). Evading Anti-Malware Engines With Deep Reinforcement Learning. [online] Ieeexplore.ieee.org. Available at: https://ieeexplore.ieee.org/abstract/document/8676031 [Accessed 25 Aug. 2019].
Resources.infosecinstitute.com. (2019). Malware Researcher’s Handbook (Demystifying PE File). [online] Available at: https://resources.infosecinstitute.com/2-malware-researchers-handbook-demystifying-pe-file/#gref.
Hu, W. and Tan, Y. (2018). Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN. [online] arXiv.org. Available at: https://arxiv.org/abs/1702.05983.