Skip to main content

Table 1 Related work of evasion attacks in malware detection

From: LSGAN-AT: enhancing malware detector robustness against adversarial examples

Ref

Attack phase

Data type

Data level

Model

Dynamic Feature

Model Comparison

Model transferability

AME evaluation

Hu and Tan 2017)

Training

Malware by Website (malwr.com)

SC

GAN

Li and Li 2020)

Training

Drebin(Arp et al. 2014), Androzoo (Allix et al. 2016)

SC, Byte

Ensemble Methods (DL-based)

Grosse et al. 2016)

Training

Drebin

SC

FFNN

Chen et al. 2017)

Testing

Windows

SC

EvnAttack (ML-based)

Grosse et al. 2017)

Training

Drebin

SC

DNN

Khoda et al. 2019)

Training

Drebin

SC

Ensemble Methods (ML-based)

Wang et al. 2019b)

Training

Drebin

SC

JSMA and NN

Yuan et al. 2020)

Training

VirusTotal (“VirusTotal”. 2021), Kaggle 2015 (“Microsoft Malware Classification Challenge (BIG 2015), Chocolatey (“Chocolatey—The package manager for Windows” 2021)

Byte

GAPGAN

Ours

Training

VirusShare (“VirusShare.com”. 2021), Androzoo

SC

LSGAN

  1. aSC Semantic characteristic
  2. bThe Attack Phase includes during the training phase and during predicting/testing. The Data Type indicates the type of malware datasets such as Android and Windows malware. The Data Level displays the feature type of data, mainly including semantic characteristic, byte, and pixel. The Model demonstrates the trained model pattern including DL-based models and conventional ML-based models. The Approach exposes the overview of the specific method. The Dynamic Feature is used to analyze whether the paper uses dynamic malware features to avoid code obfuscation. The Model Comparison represents whether the paper makes the comparison. The Model Transferability indicates whether the paper attack other detectors using AME generated by themselves. The AME Evaluation denotes whether the reference paper makes the adversarial malware example performance analysis