On the Effectiveness of Generative Adversarial Networks for Data Augmentation in Malware Detection
摘要
Artificial intelligence has become crucial in routine tasks in the last few years. It is widely adopted in finance, the risk industry, and computer science. In the latter, Intelligent Systems has recently become necessary in cybersecurity to identify malicious actions attackers perform due to the inefficiency of the previous signature-based methodologies. To effectively use an AI-trained model, having a high-quality dataset is essential, representing one of the most critical challenges. In some cases, the amount of data that comprises the dataset is limited. Over the years, researchers have introduced different techniques to increase the accuracy, robustness, and generalizability of the model. One of these techniques is represented by data augmentation. This paper will demonstrate the effectiveness of different data augmentation techniques in malware detection, specifically in the Android environment. Moreover, we created five different datasets: one composed of original data obtained from malicious and trustworthy Android applications, and the other four including images obtained using various types of data augmentation. In detail, as data augmentation techniques, we used a standard technique like horizontal and vertical flipping, and three different Generative Adversarial Networks (DCGAN, WGAN, and WGAN-GP). Once we obtained datasets, we trained several models leveraging two Deep Learning architectures and compared the outcomes. In detail, using augmentation, we improved the accuracy between 9% and 14% using the InceptionV3 architecture. On the other hand, using the Standard CNN, we observed performance improvements ranging from 12% to 20%.