Resilience against Adversarial Examples: Data-Augmentation Exploiting Generative Adversarial Networks

• Mingu Kang,
• HyeungKyeom Kim,
• Suchul Lee,
• Seokmin Han,

Vol. 15, No. 11, November 30, 2021
10.3837/tiis.2021.11.013, Download Paper (Free):

• Malware classification
• Microsoft Malware Classification Challenge (BIG2015)
• conditional GAN
• data augmentation
• Adversarial Examples

Abstract

Recently, malware classification based on Deep Neural Networks (DNN) has gained significant attention due to the rise in popularity of artificial intelligence (AI). DNN-based malware classifiers are a novel solution to combat never-before-seen malware families because this approach is able to classify malwares based on structural characteristics rather than requiring particular signatures like traditional malware classifiers. However, these DNN-based classifiers have been found to lack robustness against malwares that are carefully crafted to evade detection. These specially crafted pieces of malware are referred to as adversarial examples. We consider a clever adversary who has a thorough knowledge of DNN-based malware classifiers and will exploit it to generate a crafty malware to fool DNN-based classifiers. In this paper, we propose a DNN-based malware classifier that becomes resilient to these kinds of attacks by exploiting Generative Adversarial Network (GAN) based data augmentation. The experimental results show that the proposed scheme classifies malware, including AEs, with a false positive rate (FPR) of 3.0% and a balanced accuracy of 70.16%. These are respective 26.1% and 18.5% enhancements when compared to a traditional DNN-based classifier that does not exploit GAN.

Statistics

Cite this article