Wang, Jianhua; Chang, Xiaolin; Wang, Yixiang; Rodríguez, Ricardo J; Zhang, Jianan
LSGAN-AT: Enhancing Malware Detector Robustness against Adversarial Examples Journal Article
In: Cybersecurity, vol. 4:38, no. 1, pp. 15, 2021, ISSN: 2523-3246.
Tags: Adversarial malware example, Generative adversarial network, Machine learning, Malware detector, Transferability
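@article{WCWRZ-CYSE-21,
  author        = {Wang, Jianhua and Chang, Xiaolin and Wang, Yixiang and Rodr{\'i}guez, Ricardo J. and Zhang, Jianan},
  title         = {{LSGAN-AT}: Enhancing Malware Detector Robustness against Adversarial Examples},
  journal       = {Cybersecurity},
  volume        = {4:38},
  number        = {1},
  pages         = {15},
  year          = {2021},
  date          = {2021-01-01},
  issn          = {2523-3246},
  doi           = {10.1186/s42400-021-00102-9},
  url           = {http://webdiis.unizar.es/~ricardo/files/papers/WCWRZ-CYSE-21.pdf},
  abstract      = {Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor to the robustness enhancement. Generative Adversarial Network (GAN) is a kind of AME generation method, but the existing GAN-based AME generation methods have the issues of inadequate optimization, mode collapse and training instability. In this paper, we propose a novel approach (denote as LSGAN-AT) to enhance ML-based malware detector robustness against Adversarial Examples, which includes LSGAN module and AT module. LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and Least Square (LS) loss to optimize boundary samples. AT module makes adversarial training using AME generated by LSGAN to generate ML-based Robust Malware Detector (RMD). Extensive experiment results validate the better transferability of AME in terms of attacking 6 ML detectors and the RMD transferability in terms of resisting the MalGAN black-box attack. The results also verify the performance of the generated RMD in the recognition rate of AME.},
  keywords      = {Adversarial malware example, Generative adversarial network, Machine learning, Malware detector, Transferability},
  pubstate      = {published},
  tppubtype     = {article},
  internal-note = {Review: volume "4:38" looks like volume 4 fused with article number 38, and pages = 15 looks like a page count rather than a page range -- confirm both against the DOI record before citing. The date 2021-01-01 may be an export placeholder; year is the value to trust. The url is plain HTTP, so prefer resolving the paper through the doi field.},
}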
Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor in this robustness enhancement. Generative Adversarial Networks (GANs) are one kind of AME generation method, but existing GAN-based AME generation methods suffer from inadequate optimization, mode collapse and training instability. In this paper, we propose a novel approach (denoted LSGAN-AT) to enhance ML-based malware detector robustness against adversarial examples, which comprises an LSGAN module and an AT module. The LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and a Least Square (LS) loss to optimize boundary samples. The AT module performs adversarial training using AME generated by LSGAN to produce an ML-based Robust Malware Detector (RMD). Extensive experimental results validate the better transferability of AME in terms of attacking 6 ML detectors and the RMD transferability in terms of resisting the MalGAN black-box attack. The results also verify the performance of the generated RMD in terms of its recognition rate of AME.