{"id":"https://openalex.org/W4402957915","doi":"https://doi.org/10.1145/3678890.3678912","title":"How to Train your Antivirus: RL-based Hardening through the Problem Space","display_name":"How to Train your Antivirus: RL-based Hardening through the Problem Space","publication_year":2024,"publication_date":"2024-09-29","ids":{"openalex":"https://openalex.org/W4402957915","doi":"https://doi.org/10.1145/3678890.3678912"},"language":"en","primary_location":{"id":"doi:10.1145/3678890.3678912","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678912","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3678890.3678912","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5003959400","display_name":"Ilias Tsingenopoulos","orcid":"https://orcid.org/0000-0002-7714-5238"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":true,"raw_author_name":"Ilias Tsingenopoulos","raw_affiliation_strings":["DistriNet, KU Leuven, Belgium"],"raw_orcid":"https://orcid.org/0000-0002-7714-5238","affiliations":[{"raw_affiliation_string":"DistriNet, KU Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025184689","display_name":"Jacopo Cortellazzi","orcid":null},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]},{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Jacopo Cortellazzi","raw_affiliation_strings":["King's College London, United Kingdom and University College London, United Kingdom"],"raw_orcid":"https://orcid.org/0000-0003-1421-2058","affiliations":[{"raw_affiliation_string":"King's College London, United Kingdom and University College London, United Kingdom","institution_ids":["https://openalex.org/I183935753","https://openalex.org/I45129253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052350897","display_name":"Branislav Bo\u0161ansk\u00fd","orcid":"https://orcid.org/0000-0002-3841-9515"},"institutions":[{"id":"https://openalex.org/I4210156203","display_name":"Gennet","ror":"https://ror.org/05tsgwq26","country_code":"CZ","type":"other","lineage":["https://openalex.org/I4210156203"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Branislav Bo\u0161ansk\u00fd","raw_affiliation_strings":["Gen Digital, Czech Republic"],"raw_orcid":"https://orcid.org/0000-0002-3841-9515","affiliations":[{"raw_affiliation_string":"Gen Digital, Czech Republic","institution_ids":["https://openalex.org/I4210156203"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030403848","display_name":"Simone Aonzo","orcid":"https://orcid.org/0000-0001-9547-3502"},"institutions":[{"id":"https://openalex.org/I1902872","display_name":"EURECOM","ror":"https://ror.org/00sse7z02","country_code":"FR","type":"education","lineage":["https://openalex.org/I1902872","https://openalex.org/I205703379"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Simone Aonzo","raw_affiliation_strings":["EURECOM, France"],"raw_orcid":"https://orcid.org/0000-0001-9547-3502","affiliations":[{"raw_affiliation_string":"EURECOM, France","institution_ids":["https://openalex.org/I1902872"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069939159","display_name":"Davy Preuveneers","orcid":"https://orcid.org/0000-0001-6279-4430"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Davy Preuveneers","raw_affiliation_strings":["DistriNet, KU Leuven, Belgium"],"raw_orcid":"https://orcid.org/0000-0001-6279-4430","affiliations":[{"raw_affiliation_string":"DistriNet, KU Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054031138","display_name":"Wouter Joosen","orcid":"https://orcid.org/0000-0002-7710-5092"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Wouter Joosen","raw_affiliation_strings":["DistriNet, KU Leuven, Belgium"],"raw_orcid":"https://orcid.org/0000-0002-7710-5092","affiliations":[{"raw_affiliation_string":"DistriNet, KU Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072597369","display_name":"Fabio Pierazzi","orcid":"https://orcid.org/0000-0002-1254-1758"},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Fabio Pierazzi","raw_affiliation_strings":["King's College London, United Kingdom"],"raw_orcid":"https://orcid.org/0000-0002-1254-1758","affiliations":[{"raw_affiliation_string":"King's College London, United Kingdom","institution_ids":["https://openalex.org/I183935753"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5036908366","display_name":"Lorenzo Cavallaro","orcid":"https://orcid.org/0000-0002-3878-2680"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Lorenzo Cavallaro","raw_affiliation_strings":["University College London, United Kingdom"],"raw_orcid":"https://orcid.org/0000-0002-3878-2680","affiliations":[{"raw_affiliation_string":"University College London, United Kingdom","institution_ids":["https://openalex.org/I45129253"]}]}],"institutions":[],"countries_distinct_count":4,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5003959400"],"corresponding_institution_ids":["https://openalex.org/I99464096"],"apc_list":null,"apc_paid":null,"fwci":1.6366,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.84701572,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"130","last_page":"146"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.649643063545227},{"id":"https://openalex.org/keywords/hardening","display_name":"Hardening (computing)","score":0.4709761142730713},{"id":"https://openalex.org/keywords/space","display_name":"Space (punctuation)","score":0.4399172365665436},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.18690085411071777},{"id":"https://openalex.org/keywords/materials-science","display_name":"Materials science","score":0.11003121733665466},{"id":"https://openalex.org/keywords/composite-material","display_name":"Composite material","score":0.0631101131439209}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.649643063545227},{"id":"https://openalex.org/C44255700","wikidata":"https://www.wikidata.org/wiki/Q978423","display_name":"Hardening (computing)","level":3,"score":0.4709761142730713},{"id":"https://openalex.org/C2778572836","wikidata":"https://www.wikidata.org/wiki/Q380933","display_name":"Space (punctuation)","level":2,"score":0.4399172365665436},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.18690085411071777},{"id":"https://openalex.org/C192562407","wikidata":"https://www.wikidata.org/wiki/Q228736","display_name":"Materials science","level":0,"score":0.11003121733665466},{"id":"https://openalex.org/C159985019","wikidata":"https://www.wikidata.org/wiki/Q181790","display_name":"Composite material","level":1,"score":0.0631101131439209},{"id":"https://openalex.org/C2779227376","wikidata":"https://www.wikidata.org/wiki/Q6505497","display_name":"Layer (electronics)","level":2,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3678890.3678912","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678912","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},{"id":"pmh:oai:eprints.ucl.ac.uk.OAI2:10201635","is_oa":true,"landing_page_url":"https://discovery.ucl.ac.uk/id/eprint/10201635/","pdf_url":"https://discovery.ucl.ac.uk/id/eprint/10201635/7/Pierazzi_3678890.3678912.pdf","source":{"id":"https://openalex.org/S4306400024","display_name":"UCL Discovery (University College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I45129253","host_organization_name":"University College London","host_organization_lineage":["https://openalex.org/I45129253"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"In:  ACM International Conference Proceeding Series.  (pp. pp. 130-146).  Association for Computering Machinery (ACM): Padua, Italy. (2024)","raw_type":"Proceedings paper"},{"id":"pmh:oai:lirias2repo.kuleuven.be:20.500.12942/754783","is_oa":true,"landing_page_url":"https://lirias.kuleuven.be/handle/20.500.12942/754783","pdf_url":"https://lirias.kuleuven.be/retrieve/b12a00c6-57f1-4d3a-874c-de8c912e1629","source":{"id":"https://openalex.org/S4306401954","display_name":"Lirias (KU Leuven)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I99464096","host_organization_name":"KU Leuven","host_organization_lineage":["https://openalex.org/I99464096"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"27th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), ITALY, Padua, 30 September - 2 October 2024","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1145/3678890.3678912","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3678890.3678912","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The 27th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5980583038","display_name":"XAdv: Robust Explanations for Malware Detection","funder_award_id":"EP/X015971/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G7956649106","display_name":null,"funder_award_id":"EP/X015971/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320322308","display_name":"KU Leuven","ror":"https://ror.org/05f950310"},{"id":"https://openalex.org/F4320327336","display_name":"Vlaamse regering","ror":null},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W2036575863","https://openalex.org/W2157943826","https://openalex.org/W2250539671","https://openalex.org/W2469346691","https://openalex.org/W2559964890","https://openalex.org/W2712617220","https://openalex.org/W2744095836","https://openalex.org/W2796885425","https://openalex.org/W2923511423","https://openalex.org/W2932026309","https://openalex.org/W2963539830","https://openalex.org/W2963857521","https://openalex.org/W2964612906","https://openalex.org/W3015481738","https://openalex.org/W3016970897","https://openalex.org/W3080802004","https://openalex.org/W3090219579","https://openalex.org/W3099284022","https://openalex.org/W3103934428","https://openalex.org/W3120848642","https://openalex.org/W3120979750","https://openalex.org/W3125713917","https://openalex.org/W3131231119","https://openalex.org/W3134481631","https://openalex.org/W3138173041","https://openalex.org/W3157814027","https://openalex.org/W3159204880","https://openalex.org/W3164220323","https://openalex.org/W3184389706","https://openalex.org/W3185664553","https://openalex.org/W3193198498","https://openalex.org/W3201016636","https://openalex.org/W3206660056","https://openalex.org/W3215120663","https://openalex.org/W4281384280","https://openalex.org/W4286908533","https://openalex.org/W4288072399","https://openalex.org/W4289038676","https://openalex.org/W4301880089","https://openalex.org/W4385080319","https://openalex.org/W4388858920","https://openalex.org/W6797011970"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W2382290278","https://openalex.org/W4395014643"],"abstract_inverted_index":{"ML-based":[0],"malware":[1],"detection":[2],"on":[3,133],"dynamic":[4],"analysis":[5],"reports":[6],"is":[7,54],"vulnerable":[8],"to":[9,36,74,129],"both":[10],"evasion":[11],"and":[12,114],"spurious":[13],"correlations.":[14],"In":[15],"this":[16,62],"work,":[17],"we":[18,154],"investigate":[19],"a":[20,29,80,89,95,140,163],"specific":[21],"ML":[22],"architecture":[23],"employed":[24],"in":[25,61,111],"the":[26,34,44,59,65,112,120,134,137],"pipeline":[27],"of":[28,58,92,136,143],"widely-known":[30],"commercial":[31],"antivirus,":[32],"with":[33,102],"goal":[35],"harden":[37],"it":[38,118,127],"against":[39,97,139],"adversarial":[40,87,144,165],"malware.":[41],"Adversarial":[42],"training,":[43],"most":[45],"reliable":[46],"defensive":[47],"technique":[48],"that":[49,68,108],"can":[50,155],"confer":[51],"empirical":[52,147],"robustness,":[53],"not":[55],"applicable":[56],"out":[57],"box":[60],"domain,":[63],"for":[64,85],"principal":[66],"reason":[67],"gradient-based":[69],"perturbations":[70],"rarely":[71],"map":[72],"back":[73],"feasible":[75,110],"problem-space":[76],"programs.":[77],"We":[78],"introduce":[79],"novel":[81],"Reinforcement":[82],"Learning":[83],"approach":[84,100],"constructing":[86],"examples,":[88],"constituent":[90],"part":[91],"adversarially":[93],"training":[94],"model":[96,138],"evasion.":[98],"Our":[99,146],"comes":[101],"multiple":[103],"advantages.":[104],"It":[105,124],"performs":[106],"modifications":[107],"are":[109],"problem-space,":[113],"only":[115],"those;":[116],"thus":[117],"circumvents":[119],"inverse":[121],"mapping":[122],"problem.":[123],"also":[125],"makes":[126],"possible":[128],"provide":[130],"theoretical":[131,151],"guarantees":[132],"robustness":[135],"well-defined":[141],"set":[142],"capabilities.":[145],"exploration":[148],"validates":[149],"our":[150],"insights,":[152],"where":[153],"consistently":[156],"reach":[157],"0%":[158],"Attack":[159],"Success":[160],"Rate":[161],"after":[162],"few":[164],"retraining":[166],"iterations.":[167]},"counts_by_year":[{"year":2025,"cited_by_count":5}],"updated_date":"2026-05-03T08:25:01.440150","created_date":"2025-10-10T00:00:00"}