Machine Learning Static Evasion Competition
This repo contains code to be used in conjunction with the Machine Learning Static Evasion Competition. To participate, you must register here. This repo is intended to assist contestants in constructing a white-box attack, by providing model weights and inference code.
This competition contains three trained models
- MalConv trained on EMBER 2018 binaries
- Non-negative MalConv trained on EMBER 2018 binaries.
- A LightGBM model trained on the EMBER 2018 features dataset
Predicting with models
- Checkout this repository and unzip compressed LightGBM model
cd malware_evasion_competition pushd models/ember && unzip ember_model.txt.zip && popd
- Evaluate the models on a sample via the command-line
python3 models.py some.exe
It is up to each contestant to devise a white-box attack against the models. Weights and parameters for each model are located in individual subfolders in the models/ folder.
For MalConv and Non-Negative MalConv, a differentiable white-box attack (for example, the FSGM attack) may be possible, although care must be taken to ensure the modified binary is still functional. As noted in the MalConv.py, the objective function (required for differentiable attacks) used to train the models was
criterion = nn.CrossEntropyLoss().
Communicate with other participants
Follow the competition in github issues here and in the MLSEC Slack channel.