Evaluating the Impact of Generative Adversarial Network in Android Malware Detection

Fabio Martinelli, Francesco Mercaldo, Francesco Mercaldo, Antonella Santone

2024

Abstract

The recent development of Generative Adversarial Networks demonstrated a great ability to generate images indistinguishable from real images, leading the academic and industrial community to pose the problem of recognizing a fake image from a real one. This aspect is really crucial, as a matter of fact, images are used in many fields, from video surveillance but also to cybersecurity, in particular in malware detection, where the scientific community has recently proposed a plethora of approaches aimed at identifying malware applications previously converted into images. In fact, in the context of malware detection, using a Generative Adversarial Network it might be possible to generate examples of malware applications capable of evading detection by antimalware (and also able to generate new malware variants). In this paper, we propose a method to evaluate whether the images produced by a Generative Adversarial Network, obtained starting from a dataset of malicious Android applications, can be distinguishable from images obtained from real malware applications. Once the images are generated, we train several supervised machine learning models to understand if the classifiers are able to discriminate between real malicious applications and generated malicious applications. We perform experiments with the Deep Convolutional Generative Adversarial Network, a type of Generative Adversarial Network, showing that currently the images generated, although indistinguishable to the human eye, are correctly identified by a classifier with an F-Measure greater than 0.8. Although most of the generated images are correctly identified as fake, some of them are not recognized as such, they are therefore considered images generated by real applications.

Download


Paper Citation


in Harvard Style

Martinelli F., Mercaldo F. and Santone A. (2024). Evaluating the Impact of Generative Adversarial Network in Android Malware Detection. In Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE; ISBN 978-989-758-696-5, SciTePress, pages 590-597. DOI: 10.5220/0012699000003687


in Bibtex Style

@conference{enase24,
author={Fabio Martinelli and Francesco Mercaldo and Antonella Santone},
title={Evaluating the Impact of Generative Adversarial Network in Android Malware Detection},
booktitle={Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE},
year={2024},
pages={590-597},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012699000003687},
isbn={978-989-758-696-5},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE
TI - Evaluating the Impact of Generative Adversarial Network in Android Malware Detection
SN - 978-989-758-696-5
AU - Martinelli F.
AU - Mercaldo F.
AU - Santone A.
PY - 2024
SP - 590
EP - 597
DO - 10.5220/0012699000003687
PB - SciTePress