Conclusion

Built With

• PyTorch - Open source machine learning library based on the Torch library.

• Lief - A cross-platform library that can parse and abstract ELF, PE and MachO formats.

• PE Bliss - PE library for rebuilding PE files, written in C++.

• Gym-Malware - Malware manipulation environment for OpenAI's gym.

• MalwareGAN - Adversarial Malware Generation Using GANs.

Acknowledgments

• Gym-Malware Environment: https://github.com/endgameinc/gym-malware. The environment was modified to add GAN and the mutations were added/changed/removed to improve the evasiveness of the malware and maintain functionality.

• Yanming Lai's (https://github.com/yanminglai/Malware-GAN) and

• Zayd Hammoudeh's (https://github.com/ZaydH/MalwareGAN) work on implementation on Han and Tan's MalGAN played a crucial role in our understanding of the architecture. A majority of the implementation of the MalGAN used in this project has been forked off Hammoudeh's work.

References

• Anderson, H., Kharkar, A., Filar, B., Evans, D. and Roth, P. (2018). Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning. [online] arXiv.org. Available at: https://arxiv.org/abs/1801.08917.

• Docs.microsoft.com. (n.d.). PE Format - Windows applications. [online] Available at: https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#general-concepts.

• Fang, Z., Wang, J., Li, B., Wu, S., Zhou, Y. and Huang, H. (2019). Evading Anti-Malware Engines With Deep Reinforcement Learning. [online] Ieeexplore.ieee.org. Available at: https://ieeexplore.ieee.org/abstract/document/8676031 [Accessed 25 Aug. 2019]. https://resources.infosecinstitute.com. (2019).

• Malware Researcher’s Handbook (Demystifying PE File). [online] Available at: https://resources.infosecinstitute.com/2-malware-researchers-handbook-demystifying-pe-file/#gref.

• Hu, W. and Tan, Y. (2018). Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN. [online] arXiv.org. Available at: https://arxiv.org/abs/1702.05983.