期刊
INFORMATION SCIENCES
卷 460, 期 -, 页码 83-102出版社
ELSEVIER SCIENCE INC
DOI: 10.1016/j.ins.2018.04.092
关键词
Malicious software; Zero-day attack; Generative adversarial network; Autoencoder; Transferlearning; Robustness to noise
资金
- Defense Acquisition Program Administration
- Agency for Defense Development [UD160066BD]
Detecting malicious software (malware) is important for computer security. Among the different types of malware, zero-day malware is problematic because it cannot be removed by antivirus systems. Existing malware detection mechanisms use stored malware characteristics, which hinders detecting zero-day attacks where altered malware is generated to avoid detection by antivirus systems. To detect malware including zero-day attacks robustly, this paper proposes a novel method called transferred deep-convolutional generative adversarial network (tDCGAN), which generates fake malware and learns to distinguish it from real malware. The data generated from a random distribution are similar but not identical to the real data: it includes modified features compared with real data. The detector learns various malware features using real data and modified data generated by the tDCGAN based on a deep autoencoder (DAE), which extracts appropriate features and stabilizes the GAN training. Before training the GAN, the DAE learns malware characteristics, produces general data, and transfers this capacity for stable training of the GAN generator. The trained discriminator passes down the ability to capture malware features to the detector, using transfer learning. We show that tDCGAN achieves 95.74% average classification accuracy which is higher than that of other models and increases the learning stability. It is also the most robust against modeled zero-day attacks compared to others. (C) 2018 Elsevier Inc. All rights reserved.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据