A Survey of Adversarial Attack and Defense Methods for Malware Classification in Cyber Security

Malware poses a severe threat to cyber security. Attackers use malware to achieve their malicious purposes, such as unauthorized access, stealing confidential data, blackmailing, etc. Machine learning-based defense methods are applied to classify malware examples. However, such methods are vulnerable to adversarial attacks, where attackers aim to generate adversarial examples that can evade detection. Defenders also develop various approaches to enhance the robustness of malware classifiers against adversarial attacks. Both attackers and defenders evolve in the continuous confrontation of malware classification. In this paper, we firstly summarize a unified malware classification framework. Then, based on the framework, we systematically survey the Defense-Attack-Enhanced-Defense process and provide a comprehensive review of (i) machine learning-based malware classification, (ii) adversarial attacks on malware classifiers, and (iii) robust malware classification. Finally, we highlight the main challenges faced by both attackers and defenders and discuss some promising future work directions.