Malware detection method based on image analysis and generative adversarial networks

Concurrency and Computation: Practice and Experience Pub Date : 2022-07-08 DOI:10.1002/cpe.7170

Yanhua Liu, Jiaqi Li, Baoxu Liu, Xiaoling Gao, Ximeng Liu

{"title":"Malware detection method based on image analysis and generative adversarial networks","authors":"Yanhua Liu, Jiaqi Li, Baoxu Liu, Xiaoling Gao, Ximeng Liu","doi":"10.1002/cpe.7170","DOIUrl":null,"url":null,"abstract":"Malware detection is indispensable to cybersecurity. However, with the advent of new malware variants and scenarios with few and imbalanced samples, malware detection for various complex scenarios has been a very challenging problem. In this article, we propose a malware detection method based on image analysis and generative adversarial networks, named MadInG, which can improve the accuracy of malware detection for insufficient samples, sample imbalance, and new variants scenarios. Specifically, we first generate fixed‐size grayscale images of malware to reduce the workload of feature engineering or the involvement of domain expert knowledge on malware detection. Then we introduce auxiliary classifier generative adversarial networks into malware detection to enhance the generalization ability of the detector. Finally, we construct a variety of malware scenarios and compare our proposed method with existing popular detection methods. Extensive experimental results demonstrate that our method achieves high accuracy and well balance in malware detection for different scenarios, especially, the detection rate of malware variants reaches 99.5%.","PeriodicalId":10584,"journal":{"name":"Concurrency and Computation: Practice and Experience","volume":"42 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2022-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurrency and Computation: Practice and Experience","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/cpe.7170","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Malware detection is indispensable to cybersecurity. However, with the advent of new malware variants and scenarios with few and imbalanced samples, malware detection for various complex scenarios has been a very challenging problem. In this article, we propose a malware detection method based on image analysis and generative adversarial networks, named MadInG, which can improve the accuracy of malware detection for insufficient samples, sample imbalance, and new variants scenarios. Specifically, we first generate fixed‐size grayscale images of malware to reduce the workload of feature engineering or the involvement of domain expert knowledge on malware detection. Then we introduce auxiliary classifier generative adversarial networks into malware detection to enhance the generalization ability of the detector. Finally, we construct a variety of malware scenarios and compare our proposed method with existing popular detection methods. Extensive experimental results demonstrate that our method achieves high accuracy and well balance in malware detection for different scenarios, especially, the detection rate of malware variants reaches 99.5%.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于图像分析和生成对抗网络的恶意软件检测方法

恶意软件检测是网络安全不可或缺的一部分。然而，随着新的恶意软件变体和样本较少且不平衡的场景的出现，各种复杂场景的恶意软件检测已经成为一个非常具有挑战性的问题。在本文中，我们提出了一种基于图像分析和生成对抗网络的恶意软件检测方法MadInG，该方法可以提高样本不足、样本失衡和新变体场景下恶意软件检测的准确性。具体来说，我们首先生成固定大小的恶意软件灰度图像，以减少特征工程的工作量或领域专家知识对恶意软件检测的参与。然后，我们将辅助分类器生成对抗网络引入恶意软件检测中，以提高检测器的泛化能力。最后，我们构建了各种恶意软件场景，并将我们提出的方法与现有流行的检测方法进行了比较。大量的实验结果表明，该方法在不同场景的恶意软件检测中具有较高的准确率和较好的平衡性，特别是对恶意软件变体的检测率达到99.5%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Concurrency and Computation: Practice and Experience

自引率

0.00%

发文量