Static PE antimalware evasion by using Reinforcement Learning

Gómez Gálvez, Francisco Javier

Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/127010

Title:	Static PE antimalware evasion by using Reinforcement Learning
Author:	Gómez Gálvez, Francisco Javier
Tutor:	Torregrosa Garcia, Blas
Others:	Prados Carrasco, Ferran
Abstract:	Malware detection is a critical capability which is usually deployed in any production system as a first step to increase the infrastructure security. Due to this widespread security measure, and with the intention of carrying out the actions for which it has been designed, malwareis constantly evolving in order to evade common detection techniques, ranging from simple changes aimed to evade signature-based detection to complex variations involving malware virtualization which are able to evade behavioural-based detection. In this project, an experiment based on Reinforcement Learning is designed in order to improve the evasion capabilities of a given self-generated malware sample. Such design is carried out by defining the set of actions that can be taken in order to evade Static PE detection; an environment which evaluates the sample; a reward function that allows us to minimize thedetection rate, and an agent which coordinates the entire process. Tools used in the scope of this project are available for the general public, including those used for self-generating the samples as well as those used to emulate an environment with different antimalware solutions.
Keywords:	reinforcement learning deep learning antimalware evasion
Document type:	info:eu-repo/semantics/masterThesis
Issue Date:	25-Jan-2021
Publication license:	http://creativecommons.org/licenses/by-nc-nd/3.0/es/
Appears in Collections:	Trabajos finales de carrera, trabajos de investigación, etc.