2025-08-04 –, Florentine A
Machine learning is becoming more and more prevalent in malware detection techniques, but how can these systems be fooled? Last summer, I started work on the "Torment Nexus" in order to answer this question. Using relatively simple techniques, I was able to prove that even minor modifications to well-known malware samples could drastically reduce the detectability when analyzed by AI-based and traditional detection methods without changing their function.
In my talk, I will present my research on the topic, explain the processes I used to reduce detection scores, and demonstrate how these techniques can be used to evade modern machine learning-based detection methods. Additionally, I will discuss the broader implications of deploying ML-based security tools without properly scrutinizing their reliability.
This talk was in collaboration with a colleague when working at dropbox, we wondered whether we could easily bypass AI malware detection methods.
After spending three months researching the possibilities, I found that with only minor non-code changes that do not affect the functionality of the executable, we were able to reduce detection by ~99.9998% for well-known malware samples, as well as ~20-30% with Virustotal results. This discovery shocked us by how easy and simple it was to perform. As malware detection tools start to incorporate machine learning in their product, we hope that this talk can demonstrate that doing so requires heavy scrutiny and careful planning in order to not introduce greater vulnerabilities. This talk will demonstrate how the research was done to enable attendees to continue this research on their own.
Noah Grosh is a recent UNCC graduate and former Dropbox employee working on AI/ML red team tools to increase velocity of testing while keeping testing relevant to modern threats. In his spare time he enjoys torturing LLMs, and drinking tea.