%0 Journal Article %1 SAIDIAFASCI2023103062 %A Saidia Fascí, Lara %A Fisichella, Marco %A Lax, Gianluca %A Qian, Chenyi %D 2023 %J Computers & Security %K %P 103062 %R https://doi.org/10.1016/j.cose.2022.103062 %T Disarming visualization-based approaches in malware detection systems %U https://www.sciencedirect.com/science/article/pii/S0167404822004540 %V 126 %X Visualization-based approaches have recently been used in conjunction with signature-based techniques to detect variants of malware files. Indeed, it is sufficient to modify some byte of executable files to modify the signature and, thus, to elude a signature-based detector. In this paper, we design a GAN-based architecture that allows an attacker to generate variants of a malware in which the malware patterns found by visualization-based approaches are hidden, thus producing a new version of the malware that is not detected by both signature-based and visualization-based techniques. The experiments carried out on a well-known malware dataset show a success rate of 100% in generating new variants of malware files that are not detected from the state-of-the-art visualization-based technique.

@article{SAIDIAFASCI2023103062, abstract = {Visualization-based approaches have recently been used in conjunction with signature-based techniques to detect variants of malware files. Indeed, it is sufficient to modify some byte of executable files to modify the signature and, thus, to elude a signature-based detector. In this paper, we design a GAN-based architecture that allows an attacker to generate variants of a malware in which the malware patterns found by visualization-based approaches are hidden, thus producing a new version of the malware that is not detected by both signature-based and visualization-based techniques. The experiments carried out on a well-known malware dataset show a success rate of 100% in generating new variants of malware files that are not detected from the state-of-the-art visualization-based technique.}, added-at = {2022-12-30T11:45:40.000+0100}, author = {{Saidia Fascí}, Lara and Fisichella, Marco and Lax, Gianluca and Qian, Chenyi}, biburl = {https://www.bibsonomy.org/bibtex/2c40c3ef9587f93855b5fba13816ce722/mfisichella}, doi = {https://doi.org/10.1016/j.cose.2022.103062}, interhash = {c72f922ed7f28b94fdd17802ca76a5b1}, intrahash = {c40c3ef9587f93855b5fba13816ce722}, issn = {0167-4048}, journal = {Computers & Security}, keywords = {}, pages = 103062, timestamp = {2022-12-30T11:45:40.000+0100}, title = {Disarming visualization-based approaches in malware detection systems}, url = {https://www.sciencedirect.com/science/article/pii/S0167404822004540}, volume = 126, year = 2023 }