Malware has been one of the most damaging threats to computers, spanning multiple operating systems and various file formats. To defend against ever-increasing and ever-evolving malware, tremendous efforts have been made to propose a variety of malware detection methods that attempt to detect malware effectively and efficiently so as to mitigate possible damage as early as possible. Recent studies have shown that, on the one hand, existing machine learning (ML) and deep learning (DL) techniques enable superior solutions for detecting newly emerging and previously unseen malware. On the other hand, ML and DL models are inherently vulnerable to adversarial attacks in the form of adversarial examples. In this paper, we focus on malware in the portable executable (PE) file format of the Windows family of operating systems, namely Windows PE malware, as a representative case for studying adversarial attack methods in such adversarial settings. Specifically, we start by outlining the general learning framework of Windows PE malware detection based on ML/DL and then highlight three unique challenges of performing adversarial attacks in the context of Windows PE malware. We then conduct a comprehensive and systematic review to categorize the state-of-the-art adversarial attacks against PE malware detection, as well as the corresponding defenses that increase the robustness of Windows PE malware detection. Finally, we conclude the paper by presenting other related attacks against Windows PE malware detection beyond adversarial attacks and then shedding light on future research directions and opportunities. In addition, a curated resource list of adversarial attacks and defenses for Windows PE malware detection is available at https://github.com/ryderling/adversarial-attacks-and-defenses-for-windows-pe-malware-detection.