Unveiling Evasive Portable Documents with Explainable Kolmogorov-Arnold Networks Resilient to Generative Adversarial Attacks

Abstract

Portable Document Format (PDFs) files have become a serious threat to organizational security, as adversaries exploit their popularity and rich JavaScript environment to launch cyberattacks. Although Machine Learning (ML) methods have been developed for PDF malware detection, they remain vulnerable to adversarial attacks. To address this issue, we propose an efficient, explainable, and robust PDF malware detector that is resilient to generative adversarial attacks and effective against evasive malware using a 4-Layered 5-Fold Kolmogorov-Arnold Network (4L5FKAN). Our approach leverages Kolmogorov-Arnold Networks (KAN), a novel neural network architecture that has emerged as a strong alternative to traditional Multi-Layer Perceptron (MLP) models. To train our model, we constructed a comprehensive dataset by collecting over 100,000 raw PDFs from various sources, ensuring the inclusion of evasive malware samples through an extensive PDF mining process. The proposed 4L5FKAN model is designed to be exploit-agnostic to specific exploit patterns, making it resilient to Generative Adversarial Network (GAN) based attacks, enhancing interpretability using custom-built Local Interpretable Model-agnostic Explanations (LIME) and SHapley Additive exPlanations (SHAP). These explanation techniques provide privacy-preserved conservative explanations for model predictions, ensuring transparency. Our experimental results demonstrate that the proposed 4L5FKAN model achieves an outstanding detection accuracy of 98.7%–99.8% on unseen samples, outperforming existing state-of-the-art methods. Furthermore, it exhibits more than 25% reduction in false positives compared to conventional MLP-based approaches and shows a 30% increase in adversarial robustness against GAN-generated malware samples. These results highlight the effectiveness of our model in detecting evasive PDF malware while maintaining high interpretability and resilience to adversarial attacks. © 2025 Elsevier B.V., All rights reserved.