Cybersecurity (Dec 2021)

LSGAN-AT: enhancing malware detector robustness against adversarial examples

  • Jianhua Wang,
  • Xiaolin Chang,
  • Yixiang Wang,
  • Ricardo J. Rodríguez,
  • Jianan Zhang

DOI
https://doi.org/10.1186/s42400-021-00102-9
Journal volume & issue
Vol. 4, no. 1
pp. 1 – 15

Abstract

Read online

Abstract Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor to the robustness enhancement. Generative Adversarial Network (GAN) is a kind of AME generation method, but the existing GAN-based AME generation methods have the issues of inadequate optimization, mode collapse and training instability. In this paper, we propose a novel approach (denote as LSGAN-AT) to enhance ML-based malware detector robustness against Adversarial Examples, which includes LSGAN module and AT module. LSGAN module can generate more effective and smoother AME by utilizing brand-new network structures and Least Square (LS) loss to optimize boundary samples. AT module makes adversarial training using AME generated by LSGAN to generate ML-based Robust Malware Detector (RMD). Extensive experiment results validate the better transferability of AME in terms of attacking 6 ML detectors and the RMD transferability in terms of resisting the MalGAN black-box attack. The results also verify the performance of the generated RMD in the recognition rate of AME.

Keywords