No Time to Evade: Context-Aware Conditional Entropy Partitioning and Model Fusion for Robust Multi-Process Malware Detection / L. Mauri, E. Damiani. - In: IEEE TRANSACTIONS ON ARTIFICIAL INTELLIGENCE. - ISSN 2691-4581. - (2026), pp. 1-16. [10.1109/tai.2026.3678598]
No Time to Evade: Context-Aware Conditional Entropy Partitioning and Model Fusion for Robust Multi-Process Malware Detection
L. Mauri (first author); E. Damiani (last author)
2026
Abstract
Malware detection systems are increasingly challenged by polymorphic adversarial tactics that exploit variations in the division of tasks between threads and processes. Traditional detection models trained on monolithic, single-process traces struggle to generalize across such tactics. We propose a defense framework that integrates two complementary strategies: robustness against evasion through behavioral decomposition, and architectural reinforcement through model-fusion-based learning. Our method employs an entropy-based partitioning strategy to decompose system call logs while explicitly preserving temporal and semantic dependencies via a violation-aware penalty mechanism. Our partitioning scheme reflects realistic polymorphic behaviors, ensuring that functionality is preserved across partitions. The framework is further strengthened through ensemble fusion, combining multiple sub-models trained under heterogeneous adversarial split configurations. We evaluate the proposed approach on the ADFA-LD benchmark dataset, its multi-process extension ADFA-LD-MP, and the BarongTrace dataset of real malware traces. Our experiments show that the framework substantially improves detection performance, particularly in high-split regimes where conventional models degrade. Partition-aware training, coupled with model fusion, yields improved F1-scores and enhanced generalization across diverse adversarial conditions.

| File | Type | License | Size | Format |
|---|---|---|---|---|
| paper_IEEETAI.pdf (open access) | Publisher's version/PDF | Creative Commons | 2.59 MB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.