
ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning

In recent years, cybersecurity has been strengthened through the adoption of processes, mechanisms and rapid sources of indicators of compromise in critical areas. Among the most latent challenges are the detection, classification and eradication of malware and Denial of Service Cyber-Attacks (DoS)....


Bibliographic Details
Main Authors: Hernandez-Suarez, Aldo, Sanchez-Perez, Gabriel, Toscano-Medina, Linda K., Perez-Meana, Hector, Olivares-Mercado, Jesus, Portillo-Portillo, Jose, Benitez-Garcia, Gibran, Sandoval Orozco, Ana Lucila, García Villalba, Luis Javier
Format: Online Article Text
Language: English
Published: MDPI 2023
Subjects:
Online Access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9920136/
https://www.ncbi.nlm.nih.gov/pubmed/36772270
http://dx.doi.org/10.3390/s23031231
author Hernandez-Suarez, Aldo
Sanchez-Perez, Gabriel
Toscano-Medina, Linda K.
Perez-Meana, Hector
Olivares-Mercado, Jesus
Portillo-Portillo, Jose
Benitez-Garcia, Gibran
Sandoval Orozco, Ana Lucila
García Villalba, Luis Javier
author_sort Hernandez-Suarez, Aldo
collection PubMed
description In recent years, cybersecurity has been strengthened through the adoption of processes, mechanisms and rapid sources of indicators of compromise in critical areas. Among the most latent challenges are the detection, classification and eradication of malware and Denial of Service Cyber-Attacks (DoS). The literature has presented different ways to obtain and evaluate malware- and DoS-cyber-attack-related instances, either from a technical point of view or by offering ready-to-use datasets. However, acquiring fresh, up-to-date samples requires an arduous process of exploration, sandbox configuration and mass storage, which may ultimately result in an unbalanced or under-represented set. Synthetic sample generation has shown that the cost associated with setting up controlled environments and time spent on sample evaluation can be reduced. Nevertheless, the process is performed when the observations already belong to a characterized set, totally detached from a real environment. In order to solve the aforementioned, this work proposes a methodology for the generation of synthetic samples of malicious Portable Executable binaries and DoS cyber-attacks. The task is performed via a Reinforcement Learning engine, which learns from a baseline of different malware families and DoS cyber-attack network properties, resulting in new, mutated and highly functional samples. Experimental results demonstrate the high adaptability of the outputs as new input datasets for different Machine Learning algorithms.
format Online
Article
Text
id pubmed-9920136
institution National Center for Biotechnology Information
language English
publishDate 2023
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-99201362023-02-12 ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning Hernandez-Suarez, Aldo Sanchez-Perez, Gabriel Toscano-Medina, Linda K. Perez-Meana, Hector Olivares-Mercado, Jesus Portillo-Portillo, Jose Benitez-Garcia, Gibran Sandoval Orozco, Ana Lucila García Villalba, Luis Javier Sensors (Basel) Article
MDPI 2023-01-20 /pmc/articles/PMC9920136/ /pubmed/36772270 http://dx.doi.org/10.3390/s23031231 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
title ReinforSec: An Automatic Generator of Synthetic Malware Samples and Denial-of-Service Attacks through Reinforcement Learning
topic Article