21 Aug 2017 | Battista Biggio1, Igino Corona1, Davide Maiorca1, Blaine Nelson2, Nedim Šrndić3, Pavel Laskov3, Giorgio Giacinto1, and Fabio Roli1
This paper addresses the issue of evasion attacks against machine learning systems at test time, particularly in security-sensitive applications such as malware detection. The authors propose a gradient-based approach to systematically assess the security of widely used classification algorithms against such attacks. They simulate different risk levels for the classifier by varying the attacker's knowledge and ability to manipulate attack samples. The study evaluates the effectiveness of their approach on malware detection in PDF files, demonstrating that these systems can be easily evaded. The paper also discusses countermeasures and suggests future directions for improving security. Key findings include the importance of incorporating a "mimicry" component to bias the gradient descent towards regions with more legitimate samples, which can enhance the probability of successful evasion. The results highlight the need for more secure classifier designs and the potential for using regularization terms to improve robustness.
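As an added illustration (not code from the paper or its authors), the gradient-based security evaluation with the "mimicry" term described above, run against a constructed two-feature linear classifier. It assumes an attacker model not stated on this page: features are keyword counts that can only be incremented, with the total number of insertions (the L1 distance from the original sample) capped by a budget; the weights, samples and parameters are made up.

```python
import math

def g_linear(w, b, x):
    """Discriminant of a linear classifier: g(x) > 0 means 'malicious'."""
    return sum(wi * xi for wi, xi in zip(w, x)) + b

def kernel_density(x, legit, h):
    """Mimicry term: mean Gaussian kernel density of the legitimate samples at x."""
    return sum(math.exp(-sum((a - c) ** 2 for a, c in zip(x, s)) / h)
               for s in legit) / len(legit)

def objective(w, b, x, legit, lam, h):
    """F(x) = g(x) - lam * p_legit(x): low score AND near where legitimate samples are."""
    return g_linear(w, b, x) - lam * kernel_density(x, legit, h)

def gradient(w, b, x, legit, lam, h):
    """Analytic gradient: dF/dx_j = w_j + lam * mean_s[ 2 (x_j - s_j) / h * k(x, s) ]."""
    grad = list(w)
    for s in legit:
        k = math.exp(-sum((a - c) ** 2 for a, c in zip(x, s)) / h)
        for j in range(len(x)):
            grad[j] += lam * (2.0 * (x[j] - s[j]) / h) * k / len(legit)
    return grad

def project(x, x0, d_max):
    """Assumed feasible set: counts may only grow (insertion), total insertions <= d_max."""
    x = [max(a, c) for a, c in zip(x, x0)]
    cost = sum(a - c for a, c in zip(x, x0))
    if cost > d_max:
        x = [c + (a - c) * d_max / cost for a, c in zip(x, x0)]
    return x

def evade(w, b, x0, legit, d_max, lam=0.0, h=10.0, step=0.1, iters=300):
    """Projected gradient descent on F, starting from the malicious sample x0."""
    x = list(x0)
    for _ in range(iters):
        grad = gradient(w, b, x, legit, lam, h)
        x = project([xi - step * gi for xi, gi in zip(x, grad)], x0, d_max)
    return x

# Constructed toy data: feature 0 = count of a suspicious keyword, feature 1 = count of
# a benign keyword; classifier weights and samples are made up for this illustration.
W, B = [1.0, -0.5], -1.0
MALICIOUS = [4.0, 0.0]
LEGIT = [[0.0, 6.0], [1.0, 7.0], [0.0, 5.0]]
D_MAX = 8.0

def run_evaluation(lam):
    """Return the evasive point, its score g, its insertion cost and its legit density."""
    x = evade(W, B, MALICIOUS, LEGIT, D_MAX, lam=lam)
    cost = sum(a - c for a, c in zip(x, MALICIOUS))
    return x, g_linear(W, B, x), cost, kernel_density(x, LEGIT, h=10.0)

if __name__ == "__main__":
    for lam in (0.0, 20.0):  # plain gradient descent vs. descent with the mimicry term
        x, score, cost, dens = run_evaluation(lam)
        print(f"lambda={lam:4.1f} x={x} g={score:+.3f} cost={cost:.2f} density={dens:.3f}")
```

With lambda=0 the descent simply spends the whole budget pushing the score down; with the mimicry term it stops earlier, at a point that still evades but sits where legitimate samples are denser, which is the effect the summary attributes to the mimicry component.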