


Evasion of Deep Learning Detector for Malware C&C Traffic


The Palo Alto Networks Security AI research team tested a deep learning model that detects malware command and control (C&C) traffic in HTTP requests. Based on the publicly available paper by Le et al., they built a surrogate model trained on a dataset similar to the production model's, with comparable detection performance. They then crafted adversarial samples, queried the model with them, and adjusted each sample according to the model's response, repeating the process until the model no longer flagged the traffic. Because the attack needed only the model's output, not its internals, it demonstrates black-box, query-based evasion of the detector.
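The "craft, query, adjust" loop described above, as an added illustration that is not Palo Alto Networks' or Le et al.'s code. The detector is a constructed stand-in with hand-picked weights over a few HTTP-request features (bare-IP Host, random-looking path segment, browser-like headers); the attacker side never reads those weights and only calls `score()`, as a black-box adversary would. The sample beacon, the extra headers and the assumption that the C&C server ignores unknown headers and query parameters are all constructed for the example.

```python
"""Query-only (black-box) evasion of an HTTP C&C classifier (constructed stand-in)."""
import math
import re

# --- Stand-in detector (constructed; NOT the production or Le et al. model) -----
COMMON_HEADERS = {"accept", "accept-language", "accept-encoding", "connection", "referer"}
IP_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}(:\d+)?$")


def parse_request(request: str):
    """Split a raw HTTP/1.1 request into (method, target, {lowercased header: value})."""
    head = request.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers


def looks_random(segment: str) -> bool:
    """Heuristic: a path segment of 8+ chars mixing letters and digits, e.g. '8f3k2j9x.php'."""
    stem = segment.split(".")[0]
    return len(stem) >= 8 and any(c.isalpha() for c in stem) and any(c.isdigit() for c in stem)


class StandInDetector:
    THRESHOLD = 0.5  # score >= THRESHOLD is flagged as C&C

    def __init__(self):
        self.queries = 0  # number of times the attacker asked for a score

    def score(self, request: str) -> float:
        self.queries += 1
        _method, target, headers = parse_request(request)
        path = target.split("?", 1)[0]
        host_is_ip = IP_RE.match(headers.get("host", "")) is not None
        random_seg = any(looks_random(s) for s in path.split("/") if s)
        browser_ua = "Mozilla/" in headers.get("user-agent", "")
        n_common = sum(1 for h in headers if h in COMMON_HEADERS)
        # Constructed weights: beacons to bare IPs with random paths and few
        # browser-like headers score high; the attacker does not see these.
        z = (-1.0 + 2.0 * host_is_ip + 1.5 * random_seg
             - 1.5 * browser_ua - 0.7 * n_common - 0.3 * len(headers))
        return 1.0 / (1.0 + math.exp(-z))


# --- Attacker side: functionality-preserving mutations + greedy query loop ------
# Constructed beacon: bare-IP host, random-looking path, no browser headers.
BEACON = "GET /gate/8f3k2j9x.php?id=4421 HTTP/1.1\r\nHost: 203.0.113.7\r\n\r\n"

# Assumption: the attacker's own C&C server ignores these extra headers and any
# unknown query parameter, so the beacon keeps working after mutation.
EXTRA_HEADERS = [
    "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
    "Accept: text/html,application/xhtml+xml",
    "Accept-Language: en-US,en;q=0.9",
    "Accept-Encoding: gzip, deflate",
    "Connection: keep-alive",
    "Referer: http://203.0.113.7/",
]


def add_header(request: str, header: str) -> str:
    head, sep, body = request.partition("\r\n\r\n")
    return head + "\r\n" + header + sep + body


def add_query_param(request: str, param: str) -> str:
    first, sep, rest = request.partition("\r\n")
    method, target, version = first.split(" ", 2)
    joiner = "&" if "?" in target else "?"
    return f"{method} {target}{joiner}{param} {version}" + sep + rest


def candidate_mutations(request: str):
    """Yield (label, mutated_request) for every mutation not yet applied."""
    head = request.partition("\r\n\r\n")[0]
    present = {line.split(":", 1)[0].lower() for line in head.split("\r\n")[1:]}
    for h in EXTRA_HEADERS:
        if h.split(":", 1)[0].lower() not in present:
            yield h, add_header(request, h)
    if "utm_source=" not in head.split("\r\n")[0]:
        yield "utm_source=newsletter", add_query_param(request, "utm_source=newsletter")


def evade(detector, request: str, max_rounds: int = 10) -> dict:
    """Greedy hill-climb: each round, query every candidate, keep the one that
    lowers the score most, stop once the detector no longer flags the request."""
    current, applied = request, []
    best = detector.score(current)
    for _ in range(max_rounds):
        if best < detector.THRESHOLD:
            break
        scored = [(detector.score(m), label, m) for label, m in candidate_mutations(current)]
        if not scored:
            break
        s, label, mutated = min(scored, key=lambda t: t[0])
        if s >= best:
            break  # no single mutation helps any more; give up rather than loop
        best, current = s, mutated
        applied.append(label)
    return {"request": current, "score": best, "evaded": best < detector.THRESHOLD,
            "mutations": applied, "queries": detector.queries}


if __name__ == "__main__":
    det = StandInDetector()
    print(f"initial score: {det.score(BEACON):.3f}")
    print(evade(StandInDetector(), BEACON))
```

The attacker learns nothing about the model except a number per query, yet two accepted mutations (a browser User-Agent, then an Accept header) push the constructed detector below its threshold after 14 queries. The defender-side lesson is the one the case study points at: a classifier exposed as a scoring oracle can be walked across its decision boundary with functionality-preserving edits, so query volume against the detector, and the sensitivity of its features to cheap header padding, are things to measure before deployment.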


AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0403: Adversarial Example
  • Lifecycle stages: L02: Data Understanding, L06: Deployment

Affected or Relevant Artifacts

  • Developer:
  • Deployer: Palo Alto Networks malware detection system
  • Artifact Details:
    System: Palo Alto Networks malware detection system

Other information

  • Vulnerability Class: ATLAS Case Study
  • Date Published: 2023-03-31
  • Date Last Modified: 2023-03-31
  • Version: 0.2
  • AVID Entry