{"id":"https://openalex.org/W4386765276","doi":"https://doi.org/10.1109/dac56929.2023.10247858","title":"MPass: Bypassing Learning-based Static Malware Detectors","display_name":"MPass: Bypassing Learning-based Static Malware Detectors","publication_year":2023,"publication_date":"2023-07-09","ids":{"openalex":"https://openalex.org/W4386765276","doi":"https://doi.org/10.1109/dac56929.2023.10247858"},"language":"en","primary_location":{"id":"doi:10.1109/dac56929.2023.10247858","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/dac56929.2023.10247858","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 60th ACM/IEEE Design Automation Conference (DAC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058220215","display_name":"Jialai Wang","orcid":"https://orcid.org/0000-0003-2176-9305"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jialai Wang","raw_affiliation_strings":["Tsinghua University"],"affiliations":[{"raw_affiliation_string":"Tsinghua University","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083243706","display_name":"Wenjie Qu","orcid":null},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wenjie Qu","raw_affiliation_strings":["Huazhong University of Science and Technology"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101967704","display_name":"Yi Rong","orcid":"https://orcid.org/0009-0000-6296-3572"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yi Rong","raw_affiliation_strings":["Tsinghua University"],"affiliations":[{"raw_affiliation_string":"Tsinghua University","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019692903","display_name":"Han Qiu","orcid":"https://orcid.org/0000-0003-2678-8070"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Han Qiu","raw_affiliation_strings":["Tsinghua University","Zhongguancun Laboratory"],"affiliations":[{"raw_affiliation_string":"Tsinghua University","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Zhongguancun Laboratory","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100350165","display_name":"Qi Li","orcid":"https://orcid.org/0000-0001-8776-8730"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qi Li","raw_affiliation_strings":["Tsinghua University","Zhongguancun Laboratory"],"affiliations":[{"raw_affiliation_string":"Tsinghua University","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Zhongguancun Laboratory","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066247159","display_name":"Zongpeng Li","orcid":"https://orcid.org/0000-0001-5351-2075"},"institutions":[{"id":"https://openalex.org/I4210136793","display_name":"Peng Cheng Laboratory","ror":"https://ror.org/03qdqbt06","country_code":"CN","type":"facility","lineage":["https://openalex.org/I4210136793"]},{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zongpeng Li","raw_affiliation_strings":["Tsinghua University","Quan Cheng Laboratory"],"affiliations":[{"raw_affiliation_string":"Tsinghua University","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Quan Cheng Laboratory","institution_ids":["https://openalex.org/I4210136793"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100460096","display_name":"Chao Zhang","orcid":"https://orcid.org/0000-0001-7894-8828"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chao Zhang","raw_affiliation_strings":["Tsinghua University","Zhongguancun Laboratory"],"affiliations":[{"raw_affiliation_string":"Tsinghua University","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"Zhongguancun Laboratory","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5058220215"],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":0.5234,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.72076359,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9908000230789185,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9407360553741455},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8075463175773621},{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.6073600649833679},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.5024018287658691},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4643592834472656},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.44755274057388306},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.42289701104164124},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3509749472141266},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3487759530544281}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9407360553741455},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8075463175773621},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.6073600649833679},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.5024018287658691},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4643592834472656},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.44755274057388306},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.42289701104164124},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3509749472141266},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3487759530544281},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/dac56929.2023.10247858","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/dac56929.2023.10247858","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 60th ACM/IEEE Design Automation Conference (DAC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6100000143051147}],"awards":[],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W1673923490","https://openalex.org/W2570685808","https://openalex.org/W2574797807","https://openalex.org/W2620038827","https://openalex.org/W2776884785","https://openalex.org/W2784097977","https://openalex.org/W2946344298","https://openalex.org/W2962862931","https://openalex.org/W2963744840","https://openalex.org/W2963834268","https://openalex.org/W2963857521","https://openalex.org/W2964205597","https://openalex.org/W2964268978","https://openalex.org/W2964346747","https://openalex.org/W3007070494","https://openalex.org/W3015001695","https://openalex.org/W3015481738","https://openalex.org/W3090219579","https://openalex.org/W3090952333","https://openalex.org/W3112370249","https://openalex.org/W3113062381","https://openalex.org/W3164220323","https://openalex.org/W3175941285","https://openalex.org/W3211764671","https://openalex.org/W3213928261","https://openalex.org/W3213980558","https://openalex.org/W4281385582","https://openalex.org/W4293472651","https://openalex.org/W4293846201","https://openalex.org/W4297747285","https://openalex.org/W4300687693","https://openalex.org/W6637162671","https://openalex.org/W6731927902","https://openalex.org/W6737947904","https://openalex.org/W6739868092","https://openalex.org/W6745899033","https://openalex.org/W6750318962","https://openalex.org/W6752705692","https://openalex.org/W6752985256","https://openalex.org/W6787397131"],"related_works":["https://openalex.org/W3216063557","https://openalex.org/W3046843850","https://openalex.org/W4386716251","https://openalex.org/W4312707592","https://openalex.org/W2963115223","https://openalex.org/W3197643498","https://openalex.org/W3187464208","https://openalex.org/W4382173550","https://openalex.org/W2603766943","https://openalex.org/W2951807304"],"abstract_inverted_index":{"Machine":[0],"learning":[1],"(ML)":[2],"based":[3],"static":[4],"malware":[5,22,44],"detectors":[6],"are":[7],"widely":[8],"deployed,":[9],"but":[10],"vulnerable":[11],"to":[12,21,65,74,83],"adversarial":[13,72],"attacks.":[14],"Unlike":[15],"images":[16,33],"or":[17,34],"texts,":[18],"tiny":[19],"modifications":[20,73],"samples":[23],"would":[24],"significantly":[25,38],"compromise":[26],"their":[27],"functionality.":[28,86],"Consequently,":[29],"existing":[30,91],"attacks":[31],"against":[32,56],"texts":[35],"will":[36],"be":[37],"restricted":[39],"when":[40],"being":[41],"deployed":[42],"on":[43],"detectors.":[45,58],"In":[46],"this":[47],"work,":[48],"we":[49],"propose":[50],"a":[51,61,79],"hard-label":[52],"black-box":[53],"attack":[54],"MPass":[55,59,89],"ML-based":[57,101],"employs":[60],"problem-space":[62],"explainability":[63],"method":[64],"locate":[66],"critical":[67],"positions":[68],"of":[69],"malware,":[70],"applies":[71],"such":[75],"positions,":[76],"and":[77,93,99],"utilizes":[78],"runtime":[80],"recovery":[81],"technique":[82],"preserve":[84],"the":[85],"Experiments":[87],"show":[88],"outperforms":[90],"solutions":[92],"bypasses":[94],"both":[95],"state-of-the-art":[96],"offline":[97],"models":[98],"commercial":[100],"antivirus":[102],"products.":[103]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-01T17:29:45.350535","created_date":"2025-10-10T00:00:00"}