SOREL ATTACK - Githubissues

pralab / secml_malware

Create adversarial attacks against machine learning Windows malware detectors

https://secml-malware.readthedocs.io/

GNU General Public License v3.0

203 stars 46 forks source link

SOREL ATTACK #42

Closed QuangNguyen2609 closed 1 year ago

QuangNguyen2609 commented 1 year ago

Hi im currently trying to run Attack for sorel but i don't have goodware so are there any attack i can use to run Sorel (I tried several attack like Exploit Evasion... but it did not work at this liefpe = lief.PE.parse(x) as this returns NoneType (Can't read the file). In addition what format of malware file should i use (normal exe for sth) and how many goodwares needed for the c gamma evasion attack ? Thanks

zangobot commented 1 year ago

Hello!

Sorry, but I did not fully understand the question:

to attack SOREL, you need a black-box classifier, since it leverages a feature extraction (hence, end-to-end gradients can not be computed. You can use GAMMA (but you need goodware, try using the executables from a clean Windows installation)
what is x? If it is a regular PE, it should be loaded using LIEF. What happens if you load that binary using LIEF alone?