Gym-Malware
A reinforcement learning environment for training AI agents to manipulate malware samples and evade static machine learning detection.
What is Gym-Malware?
Malware Env for OpenAI Gym is a reinforcement learning environment designed for cybersecurity research. It allows AI agents to learn how to manipulate malware samples through functionality-preserving transformations to evade static machine learning detection models. The environment provides a set of binary manipulation actions and integrates with existing RL frameworks to train evasion policies.
Cybersecurity researchers and machine learning practitioners studying adversarial attacks, evasion techniques, and reinforcement learning applications in security. It is also suitable for academics conducting reproducible experiments in malware detection bypass.
It offers a specialized, open-source toolkit for training and evaluating reinforcement learning agents against realistic malware classifiers, bridging the gap between machine learning and offensive security research.
Overview
Malware Env for OpenAI Gym provides a specialized environment for reinforcement learning research focused on malware evasion. It enables AI agents to learn functionality-preserving transformations on Portable Executable (PE) files to bypass static machine learning malware classifiers.
Key Features
- PE File Manipulation — Provides a set of binary manipulation actions like appending bytes, removing signatures, and modifying section headers.
- Reinforcement Learning Integration — Built as an OpenAI Gym environment, allowing use with existing RL frameworks like ChainerRL and Keras-RL.
- Default Malware Classifier — Includes a pre-trained gradient boosted decision trees model for evaluating evasion success.
- LIEF Library Integration — Leverages the LIEF project for on-the-fly binary modification and analysis.
- VirusTotal Integration — Includes scripts to download malware samples using the VirusTotal API for training data.
Philosophy
The project aims to advance cybersecurity research by creating a standardized, reproducible environment for studying adversarial machine learning against malware detection systems.
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
