Robustness of Image-Based Malware Classification Models trained with Generative Adversarial Networks

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference Pub Date : 2023-06-14 DOI:10.1145/3590777.3590792

Ciaran Reilly, Stephen O Shaughnessy, Christina Thorpe

{"title":"Robustness of Image-Based Malware Classification Models trained with Generative Adversarial Networks","authors":"Ciaran Reilly, Stephen O Shaughnessy, Christina Thorpe","doi":"10.1145/3590777.3590792","DOIUrl":null,"url":null,"abstract":"As malware continues to evolve, deep learning models are increasingly used for malware detection and classification, including image-based classification. However, adversarial attacks can be used to perturb images so as to evade detection by these models. This study investigates the effectiveness of training deep learning models with Generative Adversarial Network-generated data to improve their robustness against such attacks. Two image conversion methods, byteplot and space-filling curves, were used to represent the malware samples, and a ResNet-50 architecture was used to train models on the image datasets. The models were then tested against a projected gradient descent attack. It was found that without GAN-generated data, the models’ prediction performance drastically decreased from 93-95% to 4.5% accuracy. However, the addition of adversarial images to the training data almost doubled the accuracy of the models. This study highlights the potential benefits of incorporating GAN-generated data in the training of deep learning models to improve their robustness against adversarial attacks.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3590777.3590792","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

As malware continues to evolve, deep learning models are increasingly used for malware detection and classification, including image-based classification. However, adversarial attacks can be used to perturb images so as to evade detection by these models. This study investigates the effectiveness of training deep learning models with Generative Adversarial Network-generated data to improve their robustness against such attacks. Two image conversion methods, byteplot and space-filling curves, were used to represent the malware samples, and a ResNet-50 architecture was used to train models on the image datasets. The models were then tested against a projected gradient descent attack. It was found that without GAN-generated data, the models’ prediction performance drastically decreased from 93-95% to 4.5% accuracy. However, the addition of adversarial images to the training data almost doubled the accuracy of the models. This study highlights the potential benefits of incorporating GAN-generated data in the training of deep learning models to improve their robustness against adversarial attacks.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

生成对抗网络训练的基于图像的恶意软件分类模型的鲁棒性

随着恶意软件的不断发展，深度学习模型越来越多地用于恶意软件检测和分类，包括基于图像的分类。然而，对抗性攻击可以用来干扰图像，以逃避这些模型的检测。本研究探讨了用生成式对抗网络生成的数据训练深度学习模型的有效性，以提高其对此类攻击的鲁棒性。采用字节图和空间填充曲线两种图像转换方法表示恶意软件样本，并采用ResNet-50架构在图像数据集上训练模型。然后对这些模型进行了针对投影梯度下降攻击的测试。研究发现，在没有gan生成数据的情况下，模型的预测精度从93-95%急剧下降到4.5%。然而，在训练数据中加入对抗图像几乎使模型的准确性提高了一倍。本研究强调了将gan生成的数据纳入深度学习模型训练的潜在好处，以提高其对对抗性攻击的鲁棒性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference

自引率

0.00%

发文量