Notice: The reproducibility variables underlying each score are classified using an automated LLM-based pipeline, validated against a manually labeled dataset. LLM-based classification introduces uncertainty and potential bias; scores should be interpreted as estimates. Full accuracy metrics and methodology are described in Coakley et al. (K. L. Coakley, T. Snelleman, H. Hoos, and O. E. Gundersen, "The embrace of open science: An analysis of a decade of AI research and 56 800 conference papers," Under Review, 2026).
DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness
Authors: Shoumik Saha, Wenxiao Wang, Yigitcan Kaya, Soheil Feizi, Tudor Dumitras
ICLR 2024
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | To our knowledge, we are the first to offer certified robustness in the realm of static detection of malware executables. More surprisingly, through evaluating DRSM against 9 empirical attacks of different types, we observe that the proposed defense is empirically robust to some extent against a diverse set of attacks, some of which even fall out of the scope of its original threat model. |
| Researcher Affiliation | Academia | Shoumik Saha, Wenxiao Wang, Yigitcan Kaya, Soheil Feizi & Tudor Dumitras EMAIL Department of Computer Science University of Maryland College Park |
| Pseudocode | No | The paper does not contain structured pseudocode or algorithm blocks. Figure 7 shows a model architecture diagram, but not pseudocode. |
| Open Source Code | Yes | Our code and dataset are available at https://github.com/ShoumikSaha/DRSM |
| Open Datasets | Yes | In addition, we collected 15.5K recent benign raw executables from diverse sources, which will be made public as a dataset called PACE (Publicly Accessible Collection(s) of Executables)... Our code and dataset are available at https://github.com/ShoumikSaha/DRSM |
| Dataset Splits | Yes | We split our dataset into 70:15:15 ratios for train, validation, and test sets, respectively. |
| Hardware Specification | Yes | All the models were re-trained for 10 epochs. We trained the models using multiple gpus at different times. But mostly used gpus were 4 NVIDIA RTX A4000 and 2 RTX A5000. |
| Software Dependencies | No | The paper mentions software like the 'secml-malware python library' and 'IDAPro disassembler' but does not provide specific version numbers for any software dependencies. |
| Experiment Setup | Yes | For our optimizer, we used Optimizer: SGD, learning-rate: 0.01, momentum: 0.9, nesterov: True, weight-decay: 1e-3. For training on VTFeed and our dataset, the batch size was 16 and 32, respectively. All the models were re-trained for 10 epochs. |