[2604.03843] Explainability-Guided Adversarial Attacks on Transformer-Based Malware Detectors Using Control Flow Graphs

Computer Science > Cryptography and Security arXiv:2604.03843 (cs) [Submitted on 4 Apr 2026] Title:Explainability-Guided Adversarial Attacks on Transformer-Based Malware Detectors Using Control Flow Graphs Authors:Andrew Wheeler, Kshitiz Aryal, Maanak Gupta View a PDF of the paper titled Explainability-Guided Adversarial Attacks on Transformer-Based Malware Detectors Using Control Flow Graphs, by Andrew Wheeler and 2 other authors View PDF HTML (experimental) Abstract:Transformer-based malware detection systems operating on graph modalities such as control flow graphs (CFGs) achieve strong performance by modeling structural relationships in program behavior. However, their robustness to adversarial evasion attacks remains underexplored. This paper examines the vulnerability of a RoBERTa-based malware detector that linearizes CFGs into sequences of function calls, a design choice that enables transformer modeling but may introduce token-level sensitivities and ordering artifacts exploitable by adversaries. By evaluating evasion strategies within this graph-to-sequence framework, we provide insight into the practical robustness of transformer-based malware detectors beyond aggregate detection accuracy. This paper proposes a white-box adversarial evasion attack that leverages explainability mechanisms to identify and perturb most influential graph components. Using token- and word-level attributions derived from integrated gradients, the attack iteratively replaces positively...