{"id":"https://openalex.org/W4394769426","doi":"https://doi.org/10.1145/3597503.3639141","title":"MalwareTotal: Multi-Faceted and Sequence-Aware Bypass Tactics against Static Malware Detection","display_name":"MalwareTotal: Multi-Faceted and Sequence-Aware Bypass Tactics against Static Malware Detection","publication_year":2024,"publication_date":"2024-04-12","ids":{"openalex":"https://openalex.org/W4394769426","doi":"https://doi.org/10.1145/3597503.3639141"},"language":"en","primary_location":{"id":"doi:10.1145/3597503.3639141","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3639141","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100717593","display_name":"Shuai He","orcid":"https://orcid.org/0000-0003-3541-4599"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Shuai He","raw_affiliation_strings":["Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China","Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China","School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038034507","display_name":"Cai Fu","orcid":"https://orcid.org/0000-0003-4536-3537"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Cai Fu","raw_affiliation_strings":["Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China","Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China","School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China Hubei Key Laboratory of Distributed System Security, Huazhong University of Science and Technology, Wuhan, China Hubei Engineering Research Center on Big Data Security, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102150414","display_name":"Hong Hu","orcid":"https://orcid.org/0000-0002-6261-3190"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hong Hu","raw_affiliation_strings":["Pennsylvania State University, State College, Pennsylvania, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, State College, Pennsylvania, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053595913","display_name":"Jiahe Chen","orcid":"https://orcid.org/0009-0009-0424-6941"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiahe Chen","raw_affiliation_strings":["School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5110369907","display_name":"Jianqiang Lv","orcid":"https://orcid.org/0000-0001-6931-0179"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianqiang Lv","raw_affiliation_strings":["School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5040866587","display_name":"Shuai Jiang","orcid":null},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuai Jiang","raw_affiliation_strings":["School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5100717593"],"corresponding_institution_ids":["https://openalex.org/I47720641"],"apc_list":null,"apc_paid":null,"fwci":1.1251,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.75147232,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.9350074529647827},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8202055096626282},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.6672969460487366},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5586082339286804},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5026874542236328},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.42041438817977905},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.41920024156570435},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.13674885034561157}],"concepts":[{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.9350074529647827},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8202055096626282},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.6672969460487366},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5586082339286804},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5026874542236328},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.42041438817977905},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.41920024156570435},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.13674885034561157}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3597503.3639141","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3639141","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7799999713897705,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G7263995861","display_name":null,"funder_award_id":"No. 62072200","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W2039048406","https://openalex.org/W2108682071","https://openalex.org/W2154421872","https://openalex.org/W2400648064","https://openalex.org/W2603766943","https://openalex.org/W2613995098","https://openalex.org/W2732916693","https://openalex.org/W2789834059","https://openalex.org/W2794652108","https://openalex.org/W2946661411","https://openalex.org/W2963165251","https://openalex.org/W2963274426","https://openalex.org/W2982725903","https://openalex.org/W2996744292","https://openalex.org/W3022269570","https://openalex.org/W3036847733","https://openalex.org/W3090219579","https://openalex.org/W3099284022","https://openalex.org/W3104141960","https://openalex.org/W3159204880","https://openalex.org/W3164220323","https://openalex.org/W3168097936","https://openalex.org/W3189623384","https://openalex.org/W4210864560","https://openalex.org/W4220722393","https://openalex.org/W4226416841","https://openalex.org/W4281385582","https://openalex.org/W4285173171","https://openalex.org/W4288072399","https://openalex.org/W4384129390","https://openalex.org/W4384948742","https://openalex.org/W4385412213","https://openalex.org/W4386765276"],"related_works":["https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W4246396837","https://openalex.org/W3126451824","https://openalex.org/W1561927205","https://openalex.org/W3191453585","https://openalex.org/W4297672492","https://openalex.org/W4310988119","https://openalex.org/W4285226279","https://openalex.org/W4288019534"],"abstract_inverted_index":{"Recent":[0],"methods":[1,117],"have":[2,180],"demonstrated":[3,181],"that":[4,84,102,148,194,235],"machine":[5],"learning":[6],"(ML)":[7],"based":[8],"static":[9],"malware":[10,21,47,62,143,154,187],"detection":[11,36,108],"models":[12,227],"are":[13],"vulnerable":[14],"to":[15,24,26,43,64,66,88,169],"adversarial":[16,153,199,219,230,244],"attacks.":[17],"However,":[18],"the":[19,44,56,142,170,174,184,208,214,217,236,239],"generated":[20,176,218,243],"often":[22],"fails":[23],"generalize":[25],"production-level":[27,130],"anti-malware":[28,73,131],"software":[29,132],"(AMS),":[30],"as":[31,198,221],"they":[32],"usually":[33],"involve":[34],"multiple":[35],"methods.":[37],"This":[38],"calls":[39],"for":[40],"universal":[41],"solutions":[42],"problem":[45],"of":[46,167,216,224,238],"variants":[48,63],"generation.":[49],"In":[50,190],"this":[51],"work,":[52],"we":[53,79,100,192,212],"demonstrate":[54,101,147,234],"how":[55],"proposed":[57,209],"method,":[58],"MalwareTotal,":[59],"has":[60],"allowed":[61],"continue":[65],"abound":[67],"in":[68,158,183],"ML-based,":[69],"signature-based,":[70],"and":[71,110,119,124,136,162,233],"hybrid":[72],"software.":[74],"Given":[75],"a":[76,222],"malicious":[77,86],"binary,":[78],"develop":[80],"sequential":[81],"bypass":[82,107],"tactics":[83],"enable":[85],"behavior":[87],"be":[89],"concealed":[90],"within":[91],"multi-faceted":[92],"manipulations.":[93],"Through":[94],"12":[95],"experiments":[96],"on":[97,201],"real-world":[98,185],"malware,":[99],"an":[103,229],"attacker":[104],"can":[105],"consistently":[106],"(98.67%,":[109],"100%":[111],"attack":[112,126,159],"success":[113,127,160],"rate":[114,128,161],"against":[115,129,207,242],"ML-based":[116],"EMBER":[118],"MalConv,":[120],"respectively;":[121],"95.33%,":[122],"92.63%,":[123],"98.52%":[125],"ClamAV,":[133],"AMS":[134,137],"A,":[135],"B,":[138],"respectively)":[139],"without":[140],"modifying":[141],"functionality.":[144],"We":[145],"further":[146],"our":[149,178],"approach":[150],"outperforms":[151],"state-of-the-art":[152],"generation":[155],"techniques":[156],"both":[157],"query":[163],"consumption":[164],"(the":[165],"number":[166],"queries":[168],"target":[171],"model).":[172],"Moreover,":[173],"samples":[175],"by":[177,247],"method":[179],"transferability":[182],"integrated":[186],"detector,":[188],"VirusTotal.":[189],"addition,":[191],"show":[193],"common":[195],"mitigation":[196],"such":[197],"training":[200,231],"known":[202],"attacks":[203],"cannot":[204],"effectively":[205],"defend":[206],"attack.":[210],"Finally,":[211],"investigate":[213],"value":[215],"examples":[220,245],"means":[223],"hardening":[225],"victim":[226],"through":[228],"procedure,":[232],"accuracy":[237],"retrained":[240],"model":[241],"increases":[246],"88.51":[248],"percentage":[249],"points.":[250]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}