{"id":"https://openalex.org/W4403277120","doi":"https://doi.org/10.1109/tdsc.2024.3477272","title":"Learning Contextualized Action Representations in Sequential Decision Making for Adversarial Malware Optimization","display_name":"Learning Contextualized Action Representations in Sequential Decision Making for Adversarial Malware Optimization","publication_year":2024,"publication_date":"2024-10-09","ids":{"openalex":"https://openalex.org/W4403277120","doi":"https://doi.org/10.1109/tdsc.2024.3477272"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2024.3477272","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3477272","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Reza Ebrahimi","orcid":"https://orcid.org/0000-0003-1367-3338"},"institutions":[{"id":"https://openalex.org/I2613432","display_name":"University of South Florida","ror":"https://ror.org/032db5x82","country_code":"US","type":"education","lineage":["https://openalex.org/I2613432"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Reza Ebrahimi","raw_affiliation_strings":["School of Information Systems and Management, University of South Florida, Tampa, FL, USA"],"affiliations":[{"raw_affiliation_string":"School of Information Systems and Management, University of South Florida, Tampa, FL, USA","institution_ids":["https://openalex.org/I2613432"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021193065","display_name":"Jason Pacheco","orcid":"https://orcid.org/0000-0003-1711-1041"},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jason Pacheco","raw_affiliation_strings":["Department of Computer Science, University of Arizona, Tucson, AZ, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Arizona, Tucson, AZ, USA","institution_ids":["https://openalex.org/I138006243"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046482790","display_name":"James Lee Hu","orcid":"https://orcid.org/0009-0009-5112-6280"},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"James Hu","raw_affiliation_strings":["Artifical Intelligence Lab, University of Arizona, Tucson, AZ, USA"],"affiliations":[{"raw_affiliation_string":"Artifical Intelligence Lab, University of Arizona, Tucson, AZ, USA","institution_ids":["https://openalex.org/I138006243"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109924510","display_name":"Hsinchun Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hsinchun Chen","raw_affiliation_strings":["Artifical Intelligence Lab, University of Arizona, Tucson, AZ, USA"],"affiliations":[{"raw_affiliation_string":"Artifical Intelligence Lab, University of Arizona, Tucson, AZ, USA","institution_ids":["https://openalex.org/I138006243"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I2613432"],"apc_list":null,"apc_paid":null,"fwci":1.0245,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.81082794,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":"22","issue":"3","first_page":"2086","last_page":"2102"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9853000044822693,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7909327149391174},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7870888710021973},{"id":"https://openalex.org/keywords/action","display_name":"Action (physics)","score":0.6229851841926575},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.6071935892105103},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5246791243553162},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3988993763923645},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3524368405342102},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3444787859916687}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7909327149391174},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7870888710021973},{"id":"https://openalex.org/C2780791683","wikidata":"https://www.wikidata.org/wiki/Q846785","display_name":"Action (physics)","level":2,"score":0.6229851841926575},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.6071935892105103},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5246791243553162},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3988993763923645},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3524368405342102},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3444787859916687},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2024.3477272","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3477272","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6100000143051147,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G1985538263","display_name":null,"funder_award_id":"CNS-1936370 (SaTC CORE)","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5891783503","display_name":null,"funder_award_id":"DGE-1921485 (SFS)","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":59,"referenced_works":["https://openalex.org/W258019806","https://openalex.org/W1893133781","https://openalex.org/W2096785587","https://openalex.org/W2250539671","https://openalex.org/W2749572357","https://openalex.org/W2760313715","https://openalex.org/W2776884785","https://openalex.org/W2809895662","https://openalex.org/W2919491917","https://openalex.org/W2932977083","https://openalex.org/W2942795289","https://openalex.org/W2943796454","https://openalex.org/W2946661411","https://openalex.org/W2963165251","https://openalex.org/W2968831808","https://openalex.org/W2973628901","https://openalex.org/W3010216895","https://openalex.org/W3012161115","https://openalex.org/W3090219579","https://openalex.org/W3156470785","https://openalex.org/W3182015545","https://openalex.org/W3186739895","https://openalex.org/W3196688193","https://openalex.org/W4281385582","https://openalex.org/W4287851288","https://openalex.org/W4310113565","https://openalex.org/W4378977274","https://openalex.org/W6631000544","https://openalex.org/W6683204974","https://openalex.org/W6730111887","https://openalex.org/W6737577832","https://openalex.org/W6737984913","https://openalex.org/W6738397735","https://openalex.org/W6739868092","https://openalex.org/W6745899033","https://openalex.org/W6747473740","https://openalex.org/W6748325151","https://openalex.org/W6748839928","https://openalex.org/W6750305986","https://openalex.org/W6750318962","https://openalex.org/W6752705692","https://openalex.org/W6755207826","https://openalex.org/W6755612348","https://openalex.org/W6755625160","https://openalex.org/W6756675569","https://openalex.org/W6759315145","https://openalex.org/W6763701032","https://openalex.org/W6766673545","https://openalex.org/W6771673982","https://openalex.org/W6774680895","https://openalex.org/W6777019158","https://openalex.org/W6778883912","https://openalex.org/W6785889717","https://openalex.org/W6787397131","https://openalex.org/W6787448180","https://openalex.org/W6801486040","https://openalex.org/W6809591836","https://openalex.org/W6857588226","https://openalex.org/W6864350279"],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492","https://openalex.org/W4310988119","https://openalex.org/W4285226279","https://openalex.org/W4288019534"],"abstract_inverted_index":{"Deep":[0],"learning":[1],"(DL)-based":[2],"malware":[3,12,16,29,36,53,71,93,109,118,139,150,186,191,223,234],"detectors":[4,20,39],"have":[5,21],"shown":[6,23],"promise":[7],"in":[8,120,228],"swiftly":[9],"detecting":[10],"unseen":[11],"without":[13,152],"expensive":[14],"dynamic":[15,115],"behavior":[17,119],"analysis.":[18],"These":[19],"been":[22],"to":[24,27,37,47,59,89,108,148,184,211],"be":[25],"susceptible":[26],"adversarial":[28,52,70,100,138,230,238],"variants":[30,54,151,224,239],"generated":[31,225],"from":[32],"meticulously":[33],"modifying":[34],"known":[35],"mislead":[38],"into":[40],"recognizing":[41],"them":[42],"as":[43],"benign.":[44],"Being":[45],"able":[46],"automatically":[48],"generate":[49,149],"optimized":[50],"functional":[51],"by":[55,226,240],"defenders":[56],"is":[57],"crucial":[58],"effective":[60],"cyber":[61],"defense":[62],"and":[63,111,163],"staying":[64],"ahead":[65],"of":[66,81,99,106,117,180,182],"the":[67,82,201,208,222],"adversary.":[68],"Current":[69],"example":[72],"generation":[73],"methods":[74,203],"often":[75],"assume":[76],"threat":[77],"models":[78],"with":[79,143],"any":[80],"following":[83],"four":[84],"restrictions:":[85],"(1)":[86],"requiring":[87],"access":[88],"insider":[90],"knowledge":[91],"about":[92],"detectors,":[94],"(2)":[95],"an":[96,103,195,229],"unlimited":[97,104],"size":[98,210],"modifications,":[101],"(3)":[102],"number":[105],"queries":[107],"detector,":[110],"(4)":[112],"relying":[113],"on":[114,124,204,242],"analysis":[116],"a":[121,131,160,164],"sandbox.":[122],"Drawing":[123],"Actor-Critic":[125,142],"Reinforcement":[126],"Learning":[127],"(RL),":[128],"we":[129],"propose":[130],"novel":[132,158],"closed-box":[133],"binary":[134],"manipulation":[135],"method":[136],"for":[137,188],"optimization,":[140],"named":[141],"Contextualized":[144],"Action":[145],"Representations":[146],"(AC-CAR),":[147],"these":[153],"restrictions.":[154],"AC-CAR":[155,176,193,227],"leverages":[156],"two":[157],"components,":[159],"contextualized":[161],"policy":[162],"neural":[165],"language":[166],"model-based":[167],"RL-augmented":[168],"top-<inline-formula><tex-math":[169],"notation=\"LaTeX\">$k$</tex-math></inline-formula>":[170],"sampling":[171],"method.":[172],"Unlike":[173],"current":[174,202],"methods,":[175],"can":[177],"utilize":[178],"tens":[179],"thousands":[181],"actions":[183],"augment":[185],"executables":[187],"evading":[189],"DL-based":[190],"detectors.":[192],"yields":[194],"approximately":[196],"2-fold":[197],"performance":[198],"increase":[199],"over":[200],"average,":[205],"while":[206],"decreasing":[207],"payload":[209],"20":[212],"times":[213],"smaller":[214],"than":[215],"leading":[216],"methods.":[217],"We":[218],"show":[219],"that":[220],"using":[221],"re-training":[231],"procedure":[232],"improves":[233],"detector\u2019":[235],"robustness":[236],"against":[237],"29.65%":[241],"average.":[243]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}