Adversarial training is a proven defense strategy against adversarial malware. However, generating adversarial malware samples for this type of training presents a challenge because the resulting adversarial malware needs to remain both evasive and functional. This work proposes an attack framework, EGAN, to address this limitation. EGAN leverages an Evolution Strategy and a Generative Adversarial Network to select a sequence of attack actions that can mutate a ransomware file while preserving its original functionality. We tested this framework on popular AI-powered commercial antivirus systems listed on VirusTotal and demonstrated that our framework is capable of bypassing the majority of these systems. Moreover, we evaluated whether the EGAN attack framework can evade other commercial non-AI antivirus solutions. Our results indicate that the adversarial ransomware generated can increase the probability of evading some of them.