Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Latest commit ef3e866 Jul 25, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
models initial commit Jul 24, 2019
LICENSE initial commit Jul 24, 2019 initial commit Jul 24, 2019 Update Jul 25, 2019 initial commit Jul 24, 2019

Machine Learning Static Evasion Competition

This repo contains code to be used in conjunction with the Machine Learning Static Evasion Competition. To participate, you must register here. This repo is intended to assist contestants in constructing a white-box attack, by providing model weights and inference code.


This competition contains three trained models

  1. MalConv trained on EMBER 2018 binaries
  2. Non-negative MalConv trained on EMBER 2018 binaries.
  3. A LightGBM model trained on the EMBER 2018 features dataset

Getting Started


The model evaluation code requires Python 3.6. (LIEF is not easily installed with Python 3.7, so Python 3.6 is recommended.) A Miniconda or Anaconda environment is recommended.

  1. Follow the installation instructions for EMBER.
  2. Install pytorch for Python 3.6 on your platform

Predicting with models

  1. Checkout this repository and unzip compressed LightGBM model
cd malware_evasion_competition
pushd models/ember && unzip && popd
  1. Evaluate the models on a sample via the command-line python3 some.exe

White-box attack

It is up to each contestant to devise a white-box attack against the models. Weights and parameters for each model are located in individual subfolders in the models/ folder.

For MalConv and Non-Negative MalConv, a differentiable white-box attack (for example, the FSGM attack) may be possible, although care must be taken to ensure the modified binary is still functional. As noted in the, the objective function (required for differentiable attacks) used to train the models was criterion = nn.CrossEntropyLoss().

Communicate with other participants

Follow the competition in github issues here and in the MLSEC Slack channel.

You can’t perform that action at this time.