Martin Jureek

This paper addresses the lack of research on adversarial malware generation for Linux ELF binaries by developing a new semantic-preserving generator that achieves a high evasion rate against modern detectors.

The paper proposes a structural method using decision tree rulesets and multiple complementary metrics to detect concept drift in evolving malware families, finding that fixed-interval windowing with feature-level Pearson correlation is the most reliable approach.

The paper proposes a bilevel optimization framework to model the adversarial co-evolution between malware attackers and detection models, achieving near-total immunity against sophisticated evasion attempts.

The paper demonstrates a gray-box poisoning attack against continuous malware detection pipelines using subtle binary manipulations, showing that IAT-based perturbations can significantly degrade detection recall, while proposing an ensemble defense mechanism.

The paper constructs a large, adversarial malware dataset from real-world binaries, demonstrating high evasion rates and showing that even small amounts of poisoned data can severely compromise malware detection models.