Auxiliary-Classifier GAN for Malware Analysis

Generative adversarial networks (GAN) are a class of powerful machine learning techniques, where both a generative and discriminative model are trained simultaneously. GANs have been used, for example, to successfully generate “deep fake” images. A recent trend in malware research consists of treating executables as images and employing image-based analysis techniques. In this research, we generate fake malware images using auxiliary classifier GANs (AC-GAN), and we consider the effectiveness of various techniques for classifying the resulting images. Our results indicate that the resulting multiclass classification problem is challenging, yet we can obtain strong results when restricting the problem to distinguishing between real and fake samples. While the AC-GAN generated images often appear to be very similar to real malware images, we conclude that from a deep learning perspective, the AC-GAN generated samples do not rise to the level of deep fake malware images.

[1]  Sergey Bratus,et al.  A Visual Study of Primitive Binary Fragment Types , 2010 .

[2]  Songqing Yue,et al.  Imbalanced Malware Images Classification: a CNN based Approach , 2017, ArXiv.

[3]  M. Stamp,et al.  An Empirical Analysis of Image-Based Learning Techniques for Malware Classification , 2020, Malware Analysis Using Artificial Intelligence and Deep Learning.

[4]  Jonathon Shlens,et al.  Conditional Image Synthesis with Auxiliary Classifier GANs , 2016, ICML.

[5]  Mark Stamp,et al.  Deep Learning versus Gist Descriptors for Image-based Malware Classification , 2018, ICISSP.

[6]  Igor Santos,et al.  Semi-supervised Learning for Unknown Malware Detection , 2011, DCAI.

[7]  Kaoru Ota,et al.  Improved MalGAN: Avoiding Malware Detector by Leaning Cleanware Features , 2019, 2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC).

[8]  Yan Lu,et al.  Generative Adversarial Network for Improving Deep Learning Based Malware Classification , 2019, 2019 Winter Simulation Conference (WSC).

[9]  Quan Qian,et al.  Deep Learning and Visualization for Identifying Malware Families , 2018, IEEE Transactions on Dependable and Secure Computing.

[10]  Adam Lutz,et al.  Malware classification using fusion of neural networks , 2019, Defense + Commercial Sensing.

[11]  Laurent Njilla,et al.  Malware Classification using Deep Convolutional Neural Networks , 2018, 2018 IEEE Applied Imagery Pattern Recognition Workshop (AIPR).

[12]  B. S. Manjunath,et al.  Malware images: visualization and automatic classification , 2011, VizSec '11.

[13]  Sung-Bae Cho,et al.  Malware Detection Using Deep Transferred Generative Adversarial Networks , 2017, ICONIP.

[14]  Erdogan Dogdu,et al.  Malware classification using deep learning methods , 2018, ACM Southeast Regional Conference.

[15]  Ying Tan,et al.  Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN , 2017, DMBD.

[16]  Fabio Di Troia,et al.  Malware Classification using Long Short-term Memory Models , 2021, ICISSP.