CR · LG · Jul 4, 2021

Auxiliary-Classifier GAN for Malware Analysis

arXiv:2107.01620v1 · 15 citations
Originality: Synthesis-oriented
AI Analysis

This work addresses malware analysis for security applications, but it is incremental as it applies an existing method (AC-GAN) to a new domain (malware images).

The paper tackled generating fake malware images using auxiliary classifier GANs (AC-GAN) and evaluated classification techniques, finding that distinguishing real from fake samples yields strong results, but AC-GAN images do not achieve deep fake quality.

Generative adversarial networks (GAN) are a class of powerful machine learning techniques, where both a generative and discriminative model are trained simultaneously. GANs have been used, for example, to successfully generate "deep fake" images. A recent trend in malware research consists of treating executables as images and employing image-based analysis techniques. In this research, we generate fake malware images using auxiliary classifier GANs (AC-GAN), and we consider the effectiveness of various techniques for classifying the resulting images. Our results indicate that the resulting multiclass classification problem is challenging, yet we can obtain strong results when restricting the problem to distinguishing between real and fake samples. While the AC-GAN generated images often appear to be very similar to real malware images, we conclude that from a deep learning perspective, the AC-GAN generated samples do not rise to the level of deep fake malware images.
