The competition concluded 24 Oct 2019. While this repo will persist, the competition website has been taken offline.
This repo contains code to be used in conjunction with the Machine Learning Static Evasion Competition. To participate, you must register here. This repo is intended to assist contestants in constructing a white-box attack, by providing model weights and inference code.
This competition contains three trained models
- MalConv trained on EMBER 2018 binaries
- Non-negative MalConv trained on EMBER 2018 binaries.
- A LightGBM model trained on the EMBER 2018 features dataset
The model evaluation code requires Python 3.6. (LIEF is not easily installed with Python 3.7, so Python 3.6 is recommended.) A Miniconda or Anaconda environment is recommended.
- Follow the installation instructions for EMBER.
- Install pytorch for Python 3.6 on your platform
- Checkout this repository and unzip compressed LightGBM model
cd malware_evasion_competition
pushd models/ember && unzip ember_model.txt.zip && popd
- Evaluate the models on a sample via the command-line
python3 models.py some.exe
It is up to each contestant to devise a white-box attack against the models. Weights and parameters for each model are located in individual subfolders in the models/ folder.
For MalConv and Non-Negative MalConv, a differentiable white-box attack (for example, the FSGM attack) may be possible, although care must be taken to ensure the modified binary is still functional. As noted in the MalConv.py, the objective function (required for differentiable attacks) used to train the models was criterion = nn.CrossEntropyLoss()
.
Follow the competition in github issues here and in the MLSEC Slack channel.