Adversarial Malware Generation (AMG), the generation of adversarial malware variants to strengthen Deep Learning (DL)-based malware detectors, has emerged as a crucial tool in the development of proactive cyberdefense. However, the majority of extant works offer subtle perturbations or additions to executable files and do not explore full-file obfuscation. In this study, we show that an open-source encryption tool coupled with a Reinforcement Learning (RL) framework can successfully obfuscate malware to evade state-of-the-art malware detection engines and outperform techniques that use advanced modification methods. Our results show that the proposed method improves the evasion rate from 27%-49% compared to widely used state-of-the-art reinforcement learning-based methods.