Cargando…
Generative adversarial networks and image-based malware classification
For efficient malware removal, determination of malware threat levels, and damage estimation, malware family classification plays a critical role. In this paper, we extract features from malware executable files and represent them as images using various approaches. We then focus on generative adver...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Springer Paris
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9923654/ http://dx.doi.org/10.1007/s11416-023-00465-2 |
| _version_ | 1784887761772216320 |
|---|---|
| author | Nguyen, Huy Di Troia, Fabio Ishigaki, Genya Stamp, Mark |
| author_facet | Nguyen, Huy Di Troia, Fabio Ishigaki, Genya Stamp, Mark |
| author_sort | Nguyen, Huy |
| collection | PubMed |
| description | For efficient malware removal, determination of malware threat levels, and damage estimation, malware family classification plays a critical role. In this paper, we extract features from malware executable files and represent them as images using various approaches. We then focus on generative adversarial networks (GAN) for multiclass classification and compare our GAN results to other popular machine learning techniques, including support vector machine (SVM), XGBoost, and restricted Boltzmann machines (RBM). We find that the AC-GAN discriminator is generally competitive with other machine learning techniques. We also evaluate the utility of the GAN generative model for adversarial attacks on image-based malware detection. While AC-GAN generated images are visually impressive, we find that they are easily distinguished from real malware images using any of several learning techniques. This result indicates that our GAN generated images are of surprisingly little value in adversarial attacks. |
| format | Online Article Text |
| id | pubmed-9923654 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | Springer Paris |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-99236542023-02-13 Generative adversarial networks and image-based malware classification Nguyen, Huy Di Troia, Fabio Ishigaki, Genya Stamp, Mark J Comput Virol Hack Tech Original Paper For efficient malware removal, determination of malware threat levels, and damage estimation, malware family classification plays a critical role. In this paper, we extract features from malware executable files and represent them as images using various approaches. We then focus on generative adversarial networks (GAN) for multiclass classification and compare our GAN results to other popular machine learning techniques, including support vector machine (SVM), XGBoost, and restricted Boltzmann machines (RBM). We find that the AC-GAN discriminator is generally competitive with other machine learning techniques. We also evaluate the utility of the GAN generative model for adversarial attacks on image-based malware detection. While AC-GAN generated images are visually impressive, we find that they are easily distinguished from real malware images using any of several learning techniques. This result indicates that our GAN generated images are of surprisingly little value in adversarial attacks. Springer Paris 2023-02-13 /pmc/articles/PMC9923654/ http://dx.doi.org/10.1007/s11416-023-00465-2 Text en © The Author(s), under exclusive licence to Springer-Verlag France SAS, part of Springer Nature 2023, Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law. This article is made available via the PMC Open Access Subset for unrestricted research re-use and secondary analysis in any form or by any means with acknowledgement of the original source. These permissions are granted for the duration of the World Health Organization (WHO) declaration of COVID-19 as a global pandemic. |
| spellingShingle | Original Paper Nguyen, Huy Di Troia, Fabio Ishigaki, Genya Stamp, Mark Generative adversarial networks and image-based malware classification |
| title | Generative adversarial networks and image-based malware classification |
| title_full | Generative adversarial networks and image-based malware classification |
| title_fullStr | Generative adversarial networks and image-based malware classification |
| title_full_unstemmed | Generative adversarial networks and image-based malware classification |
| title_short | Generative adversarial networks and image-based malware classification |
| title_sort | generative adversarial networks and image-based malware classification |
| topic | Original Paper |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9923654/ http://dx.doi.org/10.1007/s11416-023-00465-2 |
| work_keys_str_mv | AT nguyenhuy generativeadversarialnetworksandimagebasedmalwareclassification AT ditroiafabio generativeadversarialnetworksandimagebasedmalwareclassification AT ishigakigenya generativeadversarialnetworksandimagebasedmalwareclassification AT stampmark generativeadversarialnetworksandimagebasedmalwareclassification |