Using Generative Adversarial Networks for Data Augmentation in Android Malware Detection

Abstract

In the field of mobile malware detection, the problem of sample imbalance often occurs in the dataset, making the classifier unable to learn features through sufficient data during the training process. This research used the generative adversarial networks (GAN). In this paper, features of malwares are transformed into image expressions, and data is generated from a small number of malicious families to balance and expand the original dataset. We also compare other data augmentation techniques to explore whether they are beneficial to identify a small number of malicious samples. Experiments show that both traditional techniques and GAN can improve the accuracy of classification, but GAN can more effectively improve the classification model to detect that the dataset originally has a small number of datasets and the recognition accuracy is lower. The experimental results show that in the different datasets of 4,000 data in Drebin and 20,000 data in AMD, the types with a relatively small number of samples are augmented by the GAN. Compared with before and after data augmentation, the difference in F1-score accuracy can reach 5%~20%.