{"id":"https://openalex.org/W4388820004","doi":"https://doi.org/10.1109/access.2023.3334645","title":"A Deep Reinforcement Learning Framework to Evade Black-Box Machine Learning Based IoT Malware Detectors Using GAN-Generated Influential Features","display_name":"A Deep Reinforcement Learning Framework to Evade Black-Box Machine Learning Based IoT Malware Detectors Using GAN-Generated Influential Features","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4388820004","doi":"https://doi.org/10.1109/access.2023.3334645"},"language":"en","primary_location":{"id":"doi:10.1109/access.2023.3334645","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3334645","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10322868.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10322868.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072162421","display_name":"Rahat Maqsood Arif","orcid":"https://orcid.org/0009-0009-3440-1797"},"institutions":[{"id":"https://openalex.org/I142732210","display_name":"University of Engineering and Technology Lahore","ror":"https://ror.org/0051w2v06","country_code":"PK","type":"education","lineage":["https://openalex.org/I142732210"]}],"countries":["PK"],"is_corresponding":true,"raw_author_name":"Rahat Maqsood Arif","raw_affiliation_strings":["Department of Computer Science, University of Engineering and Technology, Lahore, Lahore, Pakistan"],"raw_orcid":"https://orcid.org/0009-0009-3440-1797","affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Engineering and Technology, Lahore, Lahore, Pakistan","institution_ids":["https://openalex.org/I142732210"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014422708","display_name":"Muhammad Aslam","orcid":"https://orcid.org/0000-0002-8977-9457"},"institutions":[{"id":"https://openalex.org/I142732210","display_name":"University of Engineering and Technology Lahore","ror":"https://ror.org/0051w2v06","country_code":"PK","type":"education","lineage":["https://openalex.org/I142732210"]}],"countries":["PK"],"is_corresponding":false,"raw_author_name":"Muhammad Aslam","raw_affiliation_strings":["Department of Computer Science, University of Engineering and Technology, Lahore, Lahore, Pakistan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Engineering and Technology, Lahore, Lahore, Pakistan","institution_ids":["https://openalex.org/I142732210"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030636911","display_name":"Shaha Al\u2010Otaibi","orcid":"https://orcid.org/0000-0002-6720-9955"},"institutions":[{"id":"https://openalex.org/I106778892","display_name":"Princess Nourah bint Abdulrahman University","ror":"https://ror.org/05b0cyh02","country_code":"SA","type":"education","lineage":["https://openalex.org/I106778892"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Shaha Al-Otaibi","raw_affiliation_strings":["Department of Information Systems, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0002-6720-9955","affiliations":[{"raw_affiliation_string":"Department of Information Systems, College of Computer and Information Sciences, Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I106778892"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109174289","display_name":"A. M. Mart\u00ednez-Enr\u00edquez","orcid":null},"institutions":[{"id":"https://openalex.org/I68368234","display_name":"Centro de Investigaci\u00f3n y de Estudios Avanzados del Instituto Polit\u00e9cnico Nacional","ror":"https://ror.org/009eqmr18","country_code":"MX","type":"facility","lineage":["https://openalex.org/I59361560","https://openalex.org/I68368234"]}],"countries":["MX"],"is_corresponding":false,"raw_author_name":"Ana Maria Martinez-Enriquez","raw_affiliation_strings":["Department of CS, CINVESTAV-IPN, Gustavo A. Madero, Mexico"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of CS, CINVESTAV-IPN, Gustavo A. Madero, Mexico","institution_ids":["https://openalex.org/I68368234"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018549351","display_name":"Tanzila Saba","orcid":"https://orcid.org/0000-0003-3138-3801"},"institutions":[{"id":"https://openalex.org/I142024983","display_name":"Prince Sultan University","ror":"https://ror.org/053mqrf26","country_code":"SA","type":"education","lineage":["https://openalex.org/I142024983"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Tanzila Saba","raw_affiliation_strings":["Artificial Intelligence and Data Analytics (AIDA) Laboratory, CCIS, Prince Sultan University, Riyadh, Saudi Arabia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Artificial Intelligence and Data Analytics (AIDA) Laboratory, CCIS, Prince Sultan University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I142024983"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077942586","display_name":"Saeed Ali Bahaj","orcid":"https://orcid.org/0000-0003-3406-4320"},"institutions":[{"id":"https://openalex.org/I142608572","display_name":"Prince Sattam Bin Abdulaziz University","ror":"https://ror.org/04jt46d36","country_code":"SA","type":"education","lineage":["https://openalex.org/I142608572"]},{"id":"https://openalex.org/I319841309","display_name":"Hadhramout University","ror":"https://ror.org/02kv0px94","country_code":"YE","type":"education","lineage":["https://openalex.org/I319841309"]},{"id":"https://openalex.org/I4210165529","display_name":"University of Business and Technology","ror":"https://ror.org/05tcr1n44","country_code":"SA","type":"education","lineage":["https://openalex.org/I4210165529"]}],"countries":["SA","YE"],"is_corresponding":false,"raw_author_name":"Saeed Ali Bahaj","raw_affiliation_strings":["MIS Department, College of Business Administration, Prince Sattam bin Abdulaziz University, Al-Kharj, Saudi Arabia","Department of Computer Engineering, College of Engineering and Petroleum, Hadhramout University University, Mukalla, Hadhramout, Yemen"],"raw_orcid":"https://orcid.org/0000-0003-3406-4320","affiliations":[{"raw_affiliation_string":"MIS Department, College of Business Administration, Prince Sattam bin Abdulaziz University, Al-Kharj, Saudi Arabia","institution_ids":["https://openalex.org/I142608572","https://openalex.org/I4210165529"]},{"raw_affiliation_string":"Department of Computer Engineering, College of Engineering and Petroleum, Hadhramout University University, Mukalla, Hadhramout, Yemen","institution_ids":["https://openalex.org/I319841309"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062125413","display_name":"Amjad Rehman","orcid":"https://orcid.org/0000-0002-3817-2655"},"institutions":[{"id":"https://openalex.org/I142024983","display_name":"Prince Sultan University","ror":"https://ror.org/053mqrf26","country_code":"SA","type":"education","lineage":["https://openalex.org/I142024983"]}],"countries":["SA"],"is_corresponding":false,"raw_author_name":"Amjad Rehman","raw_affiliation_strings":["Artificial Intelligence and Data Analytics (AIDA) Laboratory, CCIS, Prince Sultan University, Riyadh, Saudi Arabia"],"raw_orcid":"https://orcid.org/0000-0002-3817-2655","affiliations":[{"raw_affiliation_string":"Artificial Intelligence and Data Analytics (AIDA) Laboratory, CCIS, Prince Sultan University, Riyadh, Saudi Arabia","institution_ids":["https://openalex.org/I142024983"]}]}],"institutions":[],"countries_distinct_count":4,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5072162421"],"corresponding_institution_ids":["https://openalex.org/I142732210"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":3.2343,"has_fulltext":true,"cited_by_count":17,"citation_normalized_percentile":{"value":0.93263928,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":"11","issue":null,"first_page":"133717","last_page":"133729"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9873999953269958,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8592963218688965},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7723569869995117},{"id":"https://openalex.org/keywords/reinforcement-learning","display_name":"Reinforcement learning","score":0.7097373604774475},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.7084472179412842},{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.5240899920463562},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.49905824661254883},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.4897589683532715},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.479621022939682},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4218772053718567},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.29430827498435974},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.285500168800354},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.06694504618644714}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8592963218688965},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7723569869995117},{"id":"https://openalex.org/C97541855","wikidata":"https://www.wikidata.org/wiki/Q830687","display_name":"Reinforcement learning","level":2,"score":0.7097373604774475},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.7084472179412842},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.5240899920463562},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.49905824661254883},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.4897589683532715},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.479621022939682},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4218772053718567},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.29430827498435974},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.285500168800354},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.06694504618644714}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2023.3334645","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3334645","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10322868.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:dc6b7e9829db4be8a663544ad65946c3","is_oa":true,"landing_page_url":"https://doaj.org/article/dc6b7e9829db4be8a663544ad65946c3","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 11, Pp 133717-133729 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2023.3334645","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3334645","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/6514899/10322868.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8218786907","display_name":null,"funder_award_id":"PNURSP2023R136","funder_id":"https://openalex.org/F4320322484","funder_display_name":"Princess Nourah Bint Abdulrahman University"}],"funders":[{"id":"https://openalex.org/F4320322484","display_name":"Princess Nourah Bint Abdulrahman University","ror":"https://ror.org/05b0cyh02"},{"id":"https://openalex.org/F4320327702","display_name":"Prince Sultan University","ror":"https://ror.org/053mqrf26"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4388820004.pdf","grobid_xml":"https://content.openalex.org/works/W4388820004.grobid-xml"},"referenced_works_count":42,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W1710476689","https://openalex.org/W2508108853","https://openalex.org/W2599823825","https://openalex.org/W2768696376","https://openalex.org/W2791879367","https://openalex.org/W2799420851","https://openalex.org/W2804769055","https://openalex.org/W2888120486","https://openalex.org/W2890528701","https://openalex.org/W2911377781","https://openalex.org/W2913493033","https://openalex.org/W2922344003","https://openalex.org/W2932977083","https://openalex.org/W2939746199","https://openalex.org/W2962802821","https://openalex.org/W2964159373","https://openalex.org/W2982596671","https://openalex.org/W2991680373","https://openalex.org/W3018115347","https://openalex.org/W3024340288","https://openalex.org/W3032258369","https://openalex.org/W3158179156","https://openalex.org/W3174263212","https://openalex.org/W3180933073","https://openalex.org/W3186080995","https://openalex.org/W3194345182","https://openalex.org/W3196781733","https://openalex.org/W3201016636","https://openalex.org/W4213123368","https://openalex.org/W4249349924","https://openalex.org/W4307190418","https://openalex.org/W4310113565","https://openalex.org/W4316013375","https://openalex.org/W4320147968","https://openalex.org/W4360993664","https://openalex.org/W4362647521","https://openalex.org/W4366687195","https://openalex.org/W4386505605","https://openalex.org/W6637162671","https://openalex.org/W6751070894","https://openalex.org/W6794755308"],"related_works":["https://openalex.org/W2097492617","https://openalex.org/W2753240997","https://openalex.org/W1764168690","https://openalex.org/W2537959205","https://openalex.org/W2740895074","https://openalex.org/W2772446090","https://openalex.org/W4284893819","https://openalex.org/W3152891574","https://openalex.org/W4377865163","https://openalex.org/W3184396788"],"abstract_inverted_index":{"In":[0],"the":[1,41,53,97,167,175,181,192,215,228,235,243,253,270],"internet":[2],"of":[3,40,43,55,171,180,188,196,207,233,256],"things":[4],"(IoT)":[5],"networks,":[6],"machine":[7,258,271],"learning":[8,259,272],"(ML)":[9],"is":[10,33,49],"significantly":[11],"used":[12,213],"for":[13],"malware":[14,57,92,98,125,156,164,183,197],"and":[15,116,136,166,177,199],"adversary":[16],"detection.":[17],"Recently,":[18],"research":[19],"has":[20],"shown":[21],"that":[22,121,210,225],"adversarial":[23,61,65,236,277],"attacks":[24],"have":[25],"put":[26],"ML-based":[27],"models":[28,246,260,273],"at":[29],"risk.":[30],"This":[31,100],"problem":[32],"exacerbated":[34],"in":[35,90,191,231,282],"an":[36,76,105,248],"IoT":[37],"environment":[38],"because":[39],"absence":[42],"adequate":[44],"security":[45],"measures.":[46],"Consequently,":[47],"it":[48,81],"crucial":[50,89],"to":[51,83,103,149,158,218,265],"evaluate":[52],"strength":[54],"such":[56,131],"detectors":[58,165],"using":[59,200,276],"powerful":[60],"samples.":[62,184],"The":[63,140,185],"existing":[64],"sample":[66],"generation":[67],"strategies":[68],"either":[69],"rely":[70],"on":[71,111],"high-level":[72],"image":[73],"features":[74,209,230],"or":[75],"unfiltered":[77,193],"feature":[78,86,194],"set,":[79],"making":[80],"challenging":[82],"determine":[84],"which":[85],"modifications":[87],"are":[88,211],"evading":[91],"detection":[93,168,254,283],"systems,":[94],"without":[95],"compromising":[96],"functionality.":[99],"encourages":[101],"us":[102],"propose":[104],"evasion":[106,245,250],"framework":[107,142],"named":[108],"IF-MalEvade,":[109],"based":[110,163],"Generative":[112],"Adversarial":[113],"Network":[114],"(GAN)":[115],"Deep":[117],"Reinforcement":[118],"Learning":[119],"(DRL)":[120],"effectively":[122],"generates":[123],"fully-working,":[124],"samples":[126,157,237],"with":[127,247],"several":[128],"effective":[129,220],"perturbations":[130],"as":[132],"header":[133],"section":[134],"manipulation":[135],"benign":[137],"bytes":[138],"insertion.":[139],"DRL":[141,216],"selects":[143],"a":[144,205,279],"few":[145],"suitable":[146],"action":[147],"sequences":[148],"change":[150],"malicious":[151,178],"samples,":[152,278],"thus":[153],"allowing":[154],"our":[155,240],"bypass":[159],"various":[160],"black-box":[161],"ML":[162],"search":[169],"engines":[170],"VirusTotal,":[172],"while":[173],"maintaining":[174],"executability":[176],"behavior":[179],"original":[182],"neural":[186],"networks":[187],"GAN":[189],"take":[190],"set":[195,206],"dataset":[198],"minimax":[201],"objective":[202],"function":[203],"yields":[204],"useful":[208],"subsequently":[212],"by":[214,226,239],"agent":[217],"make":[219],"changes.":[221],"Experimental":[222],"results":[223],"illustrated":[224],"utilizing":[227],"influential":[229],"sequence":[232],"transformations,":[234],"generated":[238],"model":[241],"outperformed":[242],"state-of-the-art":[244],"impressive":[249],"rate.":[251],"Additionally,":[252],"rate":[255],"well-known":[257],"was":[261,285],"also":[262],"brought":[263],"down":[264],"upto":[266],"97%.":[267],"Furthermore,":[268],"when":[269],"were":[274],"retrained":[275],"35%":[280],"increase":[281],"accuracy":[284],"observed.":[286]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":4}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}