Malware detection using deep transferred generative adversarial networks

Jin Young Kim, Seok Jun Bu, Sung-Bae Cho

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Citations (Scopus)

Abstract

Malicious software is generated with more and more modified features of which the methods to detect malicious software use characteristics. Automatic classification of malicious software is efficient because it does not need to store all characteristics. In this paper, we propose a transferred generative adversarial network (tGAN) for automatic classification and detection of the zero-day attack. Since the GAN is unstable in the training process, often resulting in a generator that produces nonsensical outputs, a method to pre-train the GAN with an autoencoder structure is proposed. We analyze the detector, and the performance of the detector is visualized by observing the clustering pattern of malicious software using the t-SNE algorithm. The proposed model gets the best performance compared with the conventional machine learning algorithms.

Original language: English
Title of host publication: Neural Information Processing - 24th International Conference, ICONIP 2017, Proceedings
Editors: Yuanqing Li, Derong Liu, Shengli Xie, El-Sayed M. El-Alfy, Dongbin Zhao
Publisher: Springer Verlag
Pages: 556-564
Number of pages: 9
ISBN (Print): 9783319700861
DOIs: https://doi.org/10.1007/978-3-319-70087-8_58
Publication status: Published - 2017 Jan 1
Event: 24th International Conference on Neural Information Processing, ICONIP 2017 - Guangzhou, China
Duration: 2017 Nov 14 to 2017 Nov 18

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10634 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 24th International Conference on Neural Information Processing, ICONIP 2017
Country: China
City: Guangzhou
Period: 17/11/14 to 17/11/18

Fingerprint

Malware
Software
Detector
Detectors
Learning algorithms
Learning systems
Learning Algorithm
Machine Learning
Unstable
Attack
Clustering
Generator
Output
Zero

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science (all)

Cite this

Kim, J. Y., Bu, S. J., & Cho, S-B. (2017). Malware detection using deep transferred generative adversarial networks. In Y. Li, D. Liu, S. Xie, E-S. M. El-Alfy, & D. Zhao (Eds.), Neural Information Processing - 24th International Conference, ICONIP 2017, Proceedings (pp. 556-564). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10634 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-70087-8_58