loading page

Zone Perturbation Strengthens the Detection Capability of Deep Learning-Based Malware Detection Systems
  • Jun-Won Ho
Jun-Won Ho
Division of Information Security, Seoul Women's Univerity Seoul

Corresponding Author:[email protected]

Author Profile


Many researchers have usually harnessed perturbation techniques to generate adversarial malware evading the deep learning-based malware detection systems. To fight against adversarial malware created by perturbation techniques, most defense schemes focus on reshaping deep learning-based malware detection systems. However, this defense approach can be paralyzed if the internal structures of deep learning-based malware detection systems are not revealed. As a result, it is imperative to devise a new defense scheme without requiring the prior knowledge of deep learning-based malware detection systems. To come up to this need, we propose a zone perturbation scheme which enhances the detection capability of deep learningbased malware detection system. Our proposed scheme adapts the Sequential Probability Ratio Test (SPRT) to zone-based perturbation on text or itext or code sections of Windows PE files. In the sense that our proposed defense scheme harnesses perturbation technique, it breaks the conventional adaptations of perturbation weakening the detection capability of deep learningbased malware detection system. To the best of our knowledge, our zone perturbation is the first perturbation technique to be leveraged for the purpose of defending against malware. We evaluate the performance of our proposed zone perturbation against original malware as well as adversarial malware. For our evaluation, we adopt MalConv, which is widely used in the literature, as deep learning-based malware detection system. Moreover, our zone perturbation is broken into NopPerturbation and RandomPerturbation in accordance with the perturbed content of NOP (No Operation) codes and randomly generated codes, respectively. Our key evaluation results show that NopPerturbation (resp. RandomPerturbation) fixes 65.7% (resp. 28.6%) of benign decisions of MalConv on original malware and adversarial malware to malicious decisions on an average. This substantial enhancement in malware detection capability of MalConv is done at the cost of reasonable false positive error rate of 0.16 (resp. 0.055) and low false negative error rate of 0.007 (resp. 0.024) in case of applying NopPerturbation (resp. RandomPerturbation) to MalConv on an average.
15 May 2024Submitted to TechRxiv
20 May 2024Published in TechRxiv