Title | X-Swarm: Adversarial DRL for Metamorphic Malware Swarm Generation |
Publication Type | Conference Paper |
Year of Publication | 2022 |
Authors | Sewak, Mohit, Sahay, Sanjay K., Rathore, Hemant |
Conference Name | 2022 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops) |
Keywords | Adversarial-RL, composability, compositionality, Computational modeling, Conferences, data mining, Deep Policy Reinforcement, Endpoint protection, Industry 4.0 Security, Malware, metamorphic malware, Pervasive computing, pubcrawl, ransomware, reinforcement learning, Swarm Attack, swarm intelligence, zero-day attack |
Abstract | Advanced metamorphic malware and ransomware use techniques like obfuscation to alter their internal structure with every attack. Therefore, any signature extracted from such an attack, and used to bolster endpoint defense, cannot avert subsequent attacks. Therefore, if even a single such malware intrudes into even a single device of an IoT network, it will continue to infect the entire network. Scenarios where an entire network is targeted by a coordinated swarm of such malware are not beyond imagination. Therefore, the IoT era also requires Industry-4.0 grade AI-based solutions against such advanced attacks. But AI-based solutions need a large repository of data extracted from similar attacks to learn robust representations. Whereas, developing a metamorphic malware is a very complex task and requires extreme human ingenuity. Hence, there does not exist abundant metamorphic malware to train AI-based defensive solutions. Also, there is currently no system that could generate enough functionality-preserving metamorphic variants of multiple malware to train AI-based defensive systems. Therefore, to this end, we design and develop a novel system, named X-Swarm. X-Swarm uses deep policy-based adversarial reinforcement learning to generate a swarm of metamorphic instances of any malware by obfuscating them at the opcode level and ensuring that they could evade even capable, adversarial-attack immune endpoint defense systems. |
DOI | 10.1109/PerComWorkshops53856.2022.9767485 |
Citation Key | sewak_x-swarm_2022 |