evading machine learning malware classifier
Evading Machine Learning Malware Classifiers
This was a white box competition; meaning I had full access to all model parameters and source code. Therefore, the first thing to do was crack open the models and see what was going on under the hood. The first model is a neural network trained on the raw bytes of Windows executables. MalConv is implemented in PyTorch, and if you're already familiar with neural networks the code is relatively simple and straight forward: Files are passed to MalConv as a sequence of integers representing the bytes of the file (0–255). The sequence of vectors can then be processed by additional neural network layers.