Add more mutations

Currently, the tool applies the following mutations to the malware file:

  • Add imports received from GAN

  • Add sections received from GAN

  • Append bytes to sections

  • Rename sections

  • UPX pack

  • UPX unpack

  • Add/Remove signature

  • Append a random number of bytes

To add your own mutations, follow the steps below.

Step 1: Add the function

Make sure your mutation does not break the binary when it modifies the PE format. Test your mutation before using it for training.

Go to gym_malware/envs/controls/manipulate2 and add a function to the MalwareManipulator class:

class MalwareManipulator(object):

    def add_your_mutation(self, seed=None):
        # self.bytez is the variable that stores the binary
        # you can make modifications to self.bytez
        return self.bytez

    def overlay_append(self, seed=None):
        ...  # existing method, shown only to mark where the new one goes

Once the function is built, add its name to the ACTION_TABLE in gym_malware/envs/controls/manipulate2:

ACTION_TABLE = {
    # 'do_nothing': identity,
    'overlay_append': 'overlay_append',
    'section_rename': 'section_rename',
    'add_signature': 'add_signature',
    'section_add': 'section_add',
    'imports_append': 'imports_append',
    'remove_signature': 'remove_signature',
    'upx_pack': 'upx_pack',
    'upx_unpack': 'upx_unpack',
    '<your-mutation-function>': '<your-mutation-function>',
}
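
A structural check to run on the output of a new mutation, following the warning in Step 1 about not breaking the PE format. This is an added example, not code from the tool: `pe_structure_ok`, `check_mutation` and `build_sample_pe` are hypothetical names, and the sample is a constructed, non-functional PE skeleton. It confirms only that the headers and section table still parse, not that the file loads.

```python
import struct

def pe_structure_ok(bytez):
    """Return (ok, reason): do the PE headers and section table still parse?"""
    if len(bytez) < 0x40 or bytez[:2] != b"MZ":
        return False, "missing MZ header"
    (e_lfanew,) = struct.unpack_from("<I", bytez, 0x3C)
    if e_lfanew + 24 > len(bytez) or bytez[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return False, "bad PE signature"
    # COFF header follows the signature: NumberOfSections at +6,
    # SizeOfOptionalHeader at +20 (12 bytes of other fields in between).
    n_sections, opt_size = struct.unpack_from("<H12xH", bytez, e_lfanew + 6)
    table = e_lfanew + 24 + opt_size
    if table + 40 * n_sections > len(bytez):
        return False, "section table truncated"
    for i in range(n_sections):
        off = table + 40 * i
        name = bytez[off:off + 8].rstrip(b"\0").decode("latin-1")
        # SizeOfRawData and PointerToRawData sit at +16 and +20 in each entry.
        raw_size, raw_ptr = struct.unpack_from("<II", bytez, off + 16)
        if raw_size and raw_ptr + raw_size > len(bytez):
            return False, "section %r raw data past end of file" % name
    return True, "ok"

def check_mutation(mutate, bytez):
    """Apply a mutation callable and verify its output is still well-formed."""
    ok, reason = pe_structure_ok(bytez)
    if not ok:
        return False, "input already invalid: " + reason
    return pe_structure_ok(bytes(mutate(bytez)))

def build_sample_pe():
    """Constructed test input: DOS stub, PE/COFF header, one 16-byte section."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0)
    sect = struct.pack("<8sIIII16x", b".text", 16, 0x1000, 16, 0x80)
    return dos + b"PE\0\0" + coff + sect + b"\xCC" * 16

if __name__ == "__main__":
    sample = build_sample_pe()
    print(check_mutation(lambda b: b + b"\0" * 32, sample))  # trailing bytes
    print(check_mutation(lambda b: b[:-1], sample))          # truncated section
```
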
