Beyond accuracy: robustness and explainability in adversarial malware detection

Eslam Amer; Gelayol Golcarenarenji; Alaa Mohasseb; Tamer Elboghdadly

doi:10.1109/MIUCC66482.2025.11196809

Beyond accuracy: robustness and explainability in adversarial malware detection

Eslam Amer^*, Gelayol Golcarenarenji, Alaa Mohasseb, Tamer Elboghdadly

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The increasing sophistication of adversarial malware attacks highlights the urgent need for robust detection systems capable of resisting evasion strategies. This paper presents a comprehensive evaluation of vulnerabilities in machine learning-based malware detectors, focusing on adversarial effectiveness across diverse attack paradigms. We systematically assess gradient-based and optimization-driven attacks against hybrid CNN-LSTM classifiers, revealing significant susceptibility under adversarial pressure. Using explainable AI techniques—SHAP and LIME—we uncover critical decision-making vulnerabilities tied to semantically meaningful malware features. Our findings expose structural limitations in current deep learning approaches, demonstrating that hybrid models exhibit unexpected robustness at higher perturbation levels, while standalone CNN and LSTM models remain highly vulnerable. The study provides actionable insights for developing more resilient detection systems

Original language	English
Title of host publication	Proceedings of 5th International Mobile, Intelligent, and Ubiquitous Computing Conference 17/09/25 → 18/09/25 Cairo, Egypt
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	123-128
Number of pages	6
ISBN (Electronic)	9798331539221
ISBN (Print)	9798331539238
DOIs	https://doi.org/10.1109/MIUCC66482.2025.11196809
Publication status	Published - 21 Oct 2025
Event	5th International Mobile, Intelligent, and Ubiquitous Computing Conference - Misr International University, Cairo, Egypt Duration: 17 Sept 2025 → 18 Sept 2025 Conference number: 5 https://www.aconf.org/conf_217003.2025_International_Mobile,_Intelligent,_and_Ubiquitous_Computing_Conference_(MIUCC).html

Conference

Conference	5th International Mobile, Intelligent, and Ubiquitous Computing Conference
Abbreviated title	MIUCC
Country/Territory	Egypt
City	Cairo
Period	17/09/25 → 18/09/25
Internet address	https://www.aconf.org/conf_217003.2025_International_Mobile,_Intelligent,_and_Ubiquitous_Computing_Conference_(MIUCC).html

Keywords

Adversarial malware
deep learning security
explainable AI
evasion attacks

Access to Document

10.1109/MIUCC66482.2025.11196809

Cite this

Amer, E., Golcarenarenji, G., Mohasseb, A., & Elboghdadly, T. (2025). Beyond accuracy: robustness and explainability in adversarial malware detection. In Proceedings of 5th International Mobile, Intelligent, and Ubiquitous Computing Conference 17/09/25 → 18/09/25 Cairo, Egypt (pp. 123-128). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/MIUCC66482.2025.11196809

@inproceedings{7cf5affe885a41c0a020a9e94527b8bf,

title = "Beyond accuracy: robustness and explainability in adversarial malware detection",

abstract = "The increasing sophistication of adversarial malware attacks highlights the urgent need for robust detection systems capable of resisting evasion strategies. This paper presents a comprehensive evaluation of vulnerabilities in machine learning-based malware detectors, focusing on adversarial effectiveness across diverse attack paradigms. We systematically assess gradient-based and optimization-driven attacks against hybrid CNN-LSTM classifiers, revealing significant susceptibility under adversarial pressure. Using explainable AI techniques—SHAP and LIME—we uncover critical decision-making vulnerabilities tied to semantically meaningful malware features. Our findings expose structural limitations in current deep learning approaches, demonstrating that hybrid models exhibit unexpected robustness at higher perturbation levels, while standalone CNN and LSTM models remain highly vulnerable. The study provides actionable insights for developing more resilient detection systems",

keywords = "Adversarial malware, deep learning security, explainable AI, evasion attacks",

author = "Eslam Amer and Gelayol Golcarenarenji and Alaa Mohasseb and Tamer Elboghdadly",

note = "No ISSN; 5th International Mobile, Intelligent, and Ubiquitous Computing Conference , MIUCC ; Conference date: 17-09-2025 Through 18-09-2025",

year = "2025",

month = oct,

day = "21",

doi = "10.1109/MIUCC66482.2025.11196809",

language = "English",

isbn = "9798331539238",

pages = "123--128",

booktitle = "Proceedings of 5th International Mobile, Intelligent, and Ubiquitous Computing Conference 17/09/25 → 18/09/25 Cairo, Egypt",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

url = "https://www.aconf.org/conf\_217003.2025\_International\_Mobile,\_Intelligent,\_and\_Ubiquitous\_Computing\_Conference\_(MIUCC).html",

}

Amer, E , Golcarenarenji, G , Mohasseb, A & Elboghdadly, T 2025, Beyond accuracy: robustness and explainability in adversarial malware detection. in Proceedings of 5th International Mobile, Intelligent, and Ubiquitous Computing Conference 17/09/25 → 18/09/25 Cairo, Egypt. Institute of Electrical and Electronics Engineers Inc., pp. 123-128, 5th International Mobile, Intelligent, and Ubiquitous Computing Conference , Cairo, Egypt, 17/09/25. https://doi.org/10.1109/MIUCC66482.2025.11196809

Beyond accuracy: robustness and explainability in adversarial malware detection. / Amer, Eslam ; Golcarenarenji, Gelayol ; Mohasseb, Alaa et al.
Proceedings of 5th International Mobile, Intelligent, and Ubiquitous Computing Conference 17/09/25 → 18/09/25 Cairo, Egypt. Institute of Electrical and Electronics Engineers Inc., 2025. p. 123-128.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Beyond accuracy: robustness and explainability in adversarial malware detection

AU - Amer, Eslam

AU - Golcarenarenji, Gelayol

AU - Mohasseb, Alaa

AU - Elboghdadly, Tamer

N1 - Conference code: 5

PY - 2025/10/21

Y1 - 2025/10/21

N2 - The increasing sophistication of adversarial malware attacks highlights the urgent need for robust detection systems capable of resisting evasion strategies. This paper presents a comprehensive evaluation of vulnerabilities in machine learning-based malware detectors, focusing on adversarial effectiveness across diverse attack paradigms. We systematically assess gradient-based and optimization-driven attacks against hybrid CNN-LSTM classifiers, revealing significant susceptibility under adversarial pressure. Using explainable AI techniques—SHAP and LIME—we uncover critical decision-making vulnerabilities tied to semantically meaningful malware features. Our findings expose structural limitations in current deep learning approaches, demonstrating that hybrid models exhibit unexpected robustness at higher perturbation levels, while standalone CNN and LSTM models remain highly vulnerable. The study provides actionable insights for developing more resilient detection systems

AB - The increasing sophistication of adversarial malware attacks highlights the urgent need for robust detection systems capable of resisting evasion strategies. This paper presents a comprehensive evaluation of vulnerabilities in machine learning-based malware detectors, focusing on adversarial effectiveness across diverse attack paradigms. We systematically assess gradient-based and optimization-driven attacks against hybrid CNN-LSTM classifiers, revealing significant susceptibility under adversarial pressure. Using explainable AI techniques—SHAP and LIME—we uncover critical decision-making vulnerabilities tied to semantically meaningful malware features. Our findings expose structural limitations in current deep learning approaches, demonstrating that hybrid models exhibit unexpected robustness at higher perturbation levels, while standalone CNN and LSTM models remain highly vulnerable. The study provides actionable insights for developing more resilient detection systems

KW - Adversarial malware

KW - deep learning security

KW - explainable AI

KW - evasion attacks

U2 - 10.1109/MIUCC66482.2025.11196809

DO - 10.1109/MIUCC66482.2025.11196809

M3 - Conference contribution

SN - 9798331539238

SP - 123

EP - 128

BT - Proceedings of 5th International Mobile, Intelligent, and Ubiquitous Computing Conference 17/09/25 → 18/09/25 Cairo, Egypt

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 5th International Mobile, Intelligent, and Ubiquitous Computing Conference

Y2 - 17 September 2025 through 18 September 2025

ER -

Amer E , Golcarenarenji G , Mohasseb A , Elboghdadly T. Beyond accuracy: robustness and explainability in adversarial malware detection. In Proceedings of 5th International Mobile, Intelligent, and Ubiquitous Computing Conference 17/09/25 → 18/09/25 Cairo, Egypt. Institute of Electrical and Electronics Engineers Inc. 2025. p. 123-128 doi: 10.1109/MIUCC66482.2025.11196809

Beyond accuracy: robustness and explainability in adversarial malware detection

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this