Research
Learning to Look Benign: Targeted API Import Injection Evades ML-Based Malware Detectors
Demonstrates that ML-based malware detectors relying on static features can be fooled by injecting benign-looking API imports into malware samples. The technique adds imports that shift the feature vector toward benign classification without affecting malicious functionality. Relevant to security teams deploying ML-based endpoint detection: adversarial evasion via feature manipulation is cheaper than expected, and static-only detection architectures need behavioral verification layers.
Source
↳ Follow the thread