{"id":"https://openalex.org/W4392923972","doi":"https://doi.org/10.1007/s11416-024-00516-2","title":"Creating valid adversarial examples of malware","display_name":"Creating valid adversarial examples of malware","publication_year":2024,"publication_date":"2024-03-18","ids":{"openalex":"https://openalex.org/W4392923972","doi":"https://doi.org/10.1007/s11416-024-00516-2"},"language":"en","primary_location":{"id":"doi:10.1007/s11416-024-00516-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s11416-024-00516-2","pdf_url":"https://link.springer.com/content/pdf/10.1007/s11416-024-00516-2.pdf","source":{"id":"https://openalex.org/S2764922190","display_name":"Journal of Computer Virology and Hacking Techniques","issn_l":"2263-8733","issn":["2263-8733"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Virology and Hacking Techniques","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s11416-024-00516-2.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5037604415","display_name":"Matou\u0161 Koz\u00e1k","orcid":"https://orcid.org/0000-0001-8329-7572"},"institutions":[{"id":"https://openalex.org/I44504214","display_name":"Czech Technical University in Prague","ror":"https://ror.org/03kqpb082","country_code":"CZ","type":"education","lineage":["https://openalex.org/I44504214"]}],"countries":["CZ"],"is_corresponding":true,"raw_author_name":"Matou\u0161 Koz\u00e1k","raw_affiliation_strings":["Faculty of Information Technology, Czech Technical University in Prague, Prague, Czechia"],"raw_orcid":"https://orcid.org/0000-0001-8329-7572","affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Czech Technical University in Prague, Prague, Czechia","institution_ids":["https://openalex.org/I44504214"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033203359","display_name":"Martin Jure\u010dek","orcid":"https://orcid.org/0000-0002-6546-8953"},"institutions":[{"id":"https://openalex.org/I44504214","display_name":"Czech Technical University in Prague","ror":"https://ror.org/03kqpb082","country_code":"CZ","type":"education","lineage":["https://openalex.org/I44504214"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Martin Jure\u010dek","raw_affiliation_strings":["Faculty of Information Technology, Czech Technical University in Prague, Prague, Czechia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Czech Technical University in Prague, Prague, Czechia","institution_ids":["https://openalex.org/I44504214"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010812344","display_name":"Mark Stamp","orcid":"https://orcid.org/0000-0002-3803-8368"},"institutions":[{"id":"https://openalex.org/I51504820","display_name":"San Jose State University","ror":"https://ror.org/04qyvz380","country_code":"US","type":"education","lineage":["https://openalex.org/I51504820"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mark Stamp","raw_affiliation_strings":["Department of Computer Science, San Jose State University, San Jose, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, San Jose State University, San Jose, CA, USA","institution_ids":["https://openalex.org/I51504820"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5074325073","display_name":"Fabio Di Troia","orcid":"https://orcid.org/0000-0003-2355-7146"},"institutions":[{"id":"https://openalex.org/I51504820","display_name":"San Jose State University","ror":"https://ror.org/04qyvz380","country_code":"US","type":"education","lineage":["https://openalex.org/I51504820"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Fabio Di Troia","raw_affiliation_strings":["Department of Computer Science, San Jose State University, San Jose, CA, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, San Jose State University, San Jose, CA, USA","institution_ids":["https://openalex.org/I51504820"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5037604415"],"corresponding_institution_ids":["https://openalex.org/I44504214"],"apc_list":{"value":2390,"currency":"EUR","value_usd":2990},"apc_paid":{"value":2390,"currency":"EUR","value_usd":2990},"fwci":7.8916,"has_fulltext":true,"cited_by_count":24,"citation_normalized_percentile":{"value":0.98224036,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"20","issue":"4","first_page":"607","last_page":"621"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9753000140190125,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8606156706809998},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8382980227470398},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7308196425437927},{"id":"https://openalex.org/keywords/evasion","display_name":"Evasion (ethics)","score":0.6761341094970703},{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.6392809152603149},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6296040415763855},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.6252729892730713},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.5624278783798218},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.4421744644641876},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.32914531230926514},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11152485013008118}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8606156706809998},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8382980227470398},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7308196425437927},{"id":"https://openalex.org/C2781251061","wikidata":"https://www.wikidata.org/wiki/Q5416089","display_name":"Evasion (ethics)","level":3,"score":0.6761341094970703},{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.6392809152603149},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6296040415763855},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.6252729892730713},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.5624278783798218},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.4421744644641876},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.32914531230926514},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11152485013008118},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C203014093","wikidata":"https://www.wikidata.org/wiki/Q101929","display_name":"Immunology","level":1,"score":0.0},{"id":"https://openalex.org/C8891405","wikidata":"https://www.wikidata.org/wiki/Q1059","display_name":"Immune system","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/s11416-024-00516-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s11416-024-00516-2","pdf_url":"https://link.springer.com/content/pdf/10.1007/s11416-024-00516-2.pdf","source":{"id":"https://openalex.org/S2764922190","display_name":"Journal of Computer Virology and Hacking Techniques","issn_l":"2263-8733","issn":["2263-8733"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Virology and Hacking Techniques","raw_type":"journal-article"},{"id":"pmh:oai:scholarworks.sjsu.edu:faculty_rsca-5576","is_oa":true,"landing_page_url":"https://scholarworks.sjsu.edu/faculty_rsca/4577","pdf_url":null,"source":{"id":"https://openalex.org/S4377196389","display_name":"San Jos\u00e9 State University ScholarWorks (San Jose State University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I51504820","host_organization_name":"San Jose State University","host_organization_lineage":["https://openalex.org/I51504820"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Faculty Research, Scholarly, and Creative Activity","raw_type":"text"}],"best_oa_location":{"id":"doi:10.1007/s11416-024-00516-2","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s11416-024-00516-2","pdf_url":"https://link.springer.com/content/pdf/10.1007/s11416-024-00516-2.pdf","source":{"id":"https://openalex.org/S2764922190","display_name":"Journal of Computer Virology and Hacking Techniques","issn_l":"2263-8733","issn":["2263-8733"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Virology and Hacking Techniques","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7799999713897705}],"awards":[{"id":"https://openalex.org/G4656360545","display_name":null,"funder_award_id":"CZ.02.1.01/0.0/0.0/16 019/0000765","funder_id":"https://openalex.org/F4320334253","funder_display_name":"Research Center for Informatics, Czech Technical University in Prague"},{"id":"https://openalex.org/G5641063287","display_name":null,"funder_award_id":"CZ.02.1.01","funder_id":"https://openalex.org/F4320321005","funder_display_name":"Ministerstvo \u0160kolstv\u00ed, Ml\u00e1de\u017ee a T\u011blov\u00fdchovy"},{"id":"https://openalex.org/G5903139063","display_name":null,"funder_award_id":"CZ.02.1.01/0.0/0.0/16019/0000765","funder_id":"https://openalex.org/F4320321005","funder_display_name":"Ministerstvo \u0160kolstv\u00ed, Ml\u00e1de\u017ee a T\u011blov\u00fdchovy"},{"id":"https://openalex.org/G8322354948","display_name":null,"funder_award_id":"SGS23/211/OHK3/3T/18","funder_id":"https://openalex.org/F4320321005","funder_display_name":"Ministerstvo \u0160kolstv\u00ed, Ml\u00e1de\u017ee a T\u011blov\u00fdchovy"}],"funders":[{"id":"https://openalex.org/F4320309972","display_name":"\u010cesk\u00e9 Vysok\u00e9 U\u010den\u00ed Technick\u00e9 v Praze","ror":"https://ror.org/03kqpb082"},{"id":"https://openalex.org/F4320321005","display_name":"Ministerstvo \u0160kolstv\u00ed, Ml\u00e1de\u017ee a T\u011blov\u00fdchovy","ror":"https://ror.org/037n8p820"},{"id":"https://openalex.org/F4320334253","display_name":"Research Center for Informatics, Czech Technical University in Prague","ror":null}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4392923972.pdf"},"referenced_works_count":26,"referenced_works":["https://openalex.org/W2084376682","https://openalex.org/W2095577883","https://openalex.org/W2145339207","https://openalex.org/W2180612164","https://openalex.org/W2215444025","https://openalex.org/W2591788621","https://openalex.org/W2736601468","https://openalex.org/W2784452215","https://openalex.org/W2799420851","https://openalex.org/W2811374584","https://openalex.org/W2900633536","https://openalex.org/W2963165251","https://openalex.org/W2963461515","https://openalex.org/W3020273542","https://openalex.org/W3090219579","https://openalex.org/W3112370249","https://openalex.org/W3158179156","https://openalex.org/W3164220323","https://openalex.org/W3164397115","https://openalex.org/W4221154652","https://openalex.org/W4288638181","https://openalex.org/W4293580221","https://openalex.org/W4297747285","https://openalex.org/W4298857966","https://openalex.org/W4300687693","https://openalex.org/W4394666657"],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W1995118279","https://openalex.org/W4240624848","https://openalex.org/W2783112941","https://openalex.org/W2526398307","https://openalex.org/W2470029541","https://openalex.org/W4387065217","https://openalex.org/W4368275542","https://openalex.org/W2470502009","https://openalex.org/W3152957156"],"abstract_inverted_index":{"Abstract":[0],"Because":[1],"of":[2,44,73,80,96,116,138,151,163,179],"its":[3],"world-class":[4],"results,":[5],"machine":[6],"learning":[7,87,91],"(ML)":[8],"is":[9,65],"becoming":[10],"increasingly":[11],"popular":[12],"as":[13],"a":[14,21,62,78,94],"go-to":[15],"solution":[16],"for":[17,56,70],"many":[18,57],"tasks.":[19],"As":[20],"result,":[22],"antivirus":[23,155,172],"developers":[24],"are":[25,192],"incorporating":[26],"ML":[27],"models":[28,34,58,186],"into":[29],"their":[30],"toolchains.":[31],"While":[32],"these":[33,207],"improve":[35],"malware":[36,74,83,189],"detection":[37,190],"capabilities,":[38],"they":[39],"also":[40],"carry":[41],"the":[42,71,105,119,131,141],"disadvantage":[43],"being":[45],"susceptible":[46],"to":[47,194,202,205],"adversarial":[48,82,102,195],"attacks.":[49],"Although":[50],"this":[51],"vulnerability":[52],"has":[53],"been":[54],"demonstrated":[55],"in":[59,68,188],"white-box":[60],"settings,":[61],"black-box":[63],"scenario":[64],"more":[66],"applicable":[67],"practice":[69],"domain":[72],"detection.":[75],"We":[76],"present":[77],"method":[79],"creating":[81,100],"examples":[84],"using":[85],"reinforcement":[86,90],"algorithms.":[88],"The":[89,125],"agents":[92],"utilize":[93],"set":[95],"functionality-preserving":[97,165],"modifications,":[98],"thus":[99],"valid":[101],"examples.":[103],"Using":[104],"proximal":[106],"policy":[107],"optimization":[108],"(PPO)":[109],"algorithm,":[110],"we":[111,158],"achieved":[112],"an":[113,135,147,175],"evasion":[114,136,149,177],"rate":[115,137,150,178],"53.84%":[117],"against":[118,130,140,153],"gradient-boosted":[120],"decision":[121],"tree":[122],"(GBDT)":[123],"detector.":[124],"PPO":[126],"agent":[127],"previously":[128],"trained":[129],"GBDT":[132],"classifier":[133,144],"scored":[134],"11.41%":[139],"neural":[142],"network-based":[143],"MalConv":[145],"and":[146,197],"average":[148,176],"2.31%":[152],"top":[154],"programs.":[156],"Furthermore,":[157],"discovered":[159],"that":[160,184,198],"random":[161],"application":[162],"our":[164],"portable":[166],"executable":[167],"modifications":[168],"successfully":[169],"evades":[170],"leading":[171],"engines,":[173],"with":[174],"11.65%.":[180],"These":[181],"findings":[182],"indicate":[183],"ML-based":[185],"used":[187],"systems":[191],"sensitive":[193],"attacks":[196],"better":[199],"safeguards":[200],"need":[201],"be":[203],"taken":[204],"protect":[206],"systems.":[208]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":16},{"year":2024,"cited_by_count":5}],"updated_date":"2026-02-03T23:48:18.283914","created_date":"2025-10-10T00:00:00"}