
Evading control flow graph based GNN malware detectors via active opcode insertion method with maliciousness

Hao Peng1,2, Zehao Yu1, Dandan Zhao1

  • 1College of Computer Science and Technology, Zhejiang Normal University, Jinhua, Zhejiang, China.

Scientific Reports | March 18, 2025
Summary

This summary is machine-generated.

This study introduces MalAOI, a novel method for creating adversarial malware by inserting opcodes into portable executable control flow graphs. MalAOI effectively evades graph neural network detection models, demonstrating a 93.73% evasion rate.

Area of Science:

  • Computer Science
  • Cybersecurity
  • Machine Learning

Background:

  • Machine learning advancements drive new malware detection techniques.
  • Existing adversarial attacks struggle to modify portable executable (PE) control flow graphs (CFGs).
  • Graph neural network (GNN) models using CFGs pose detection challenges for adversarial malware.

Purpose of the Study:

  • To develop a novel method for generating adversarial malware that evades GNN detection.
  • To address limitations in current function-preserving adversarial attacks on PE malware CFGs.
  • To introduce an autonomous approach for creating effective adversarial malware.

Main Methods:

  • Introduced active opcode insertion, a novel base modification technique for PE CFGs.
  • Utilized reinforcement learning within the MalAOI framework to identify optimal insertion points and opcode sequences.
  • Generated adversarial malware by modifying PE CFGs while preserving functionality.

Main Results:

  • MalAOI achieved an average evasion rate of 93.73% against GNN detection models.
  • The generated adversarial malware showed only a 12.87% increase in byte size.
  • Tested on BODMAS and SOREL-20M datasets, confirming effectiveness.

Conclusions:

  • Active opcode insertion is an effective strategy for generating functional adversarial malware.
  • MalAOI successfully evades GNN-based malware detection by modifying PE CFGs.
  • The method offers a promising solution for bypassing advanced malware detection systems.

Keywords:

  • Control Flow Graphs
  • Function-preserving
  • Graph Neural Networks
  • Malware Detection
  • Reinforcement Learning