Discovering Future Malware Variants By Generating New Malware Samples Using Generative Adversarial Network

Zahra Moti, S. Hashemi, Amir Namavar
2019 9th International Conference on Computer and Knowledge Engineering (ICCKE), pp. 319-324. Published 2019-10-01. DOI: 10.1109/ICCKE48569.2019.8964913 (https://doi.org/10.1109/ICCKE48569.2019.8964913)
Citations: 15

Abstract

Detecting malware samples is one of the most important issues in computer security. Malware variants are growing exponentially with the increasing use of computers in industry, homes, and other places. Among the different types of malware samples, zero-day samples are more challenging. Conventional antivirus systems, which rely on known malware patterns, cannot detect zero-day samples because they have not seen them before. As reported in [1], in 2018, 76% of successful attacks on organization endpoints were based on zero-day samples. Therefore, predicting these types of attacks and preparing a solution is an open challenge. This paper presents a deep generative adversarial network to generate the signature of unseen malware samples; the generated signature is potentially similar to the malware samples that may be released in the future. After the samples were generated, the generated data were added to the dataset to train a classifier that is robust against new variants of malware. In addition, a neural network is applied to extract high-level features from raw bytes for detection. In the proposed method, only the header of the executable file, a small piece of the file that contains some information about the file, was used for detection. To validate our method, we used three classification algorithms and classified the raw and new representations using them. We also compared our work with another malware detection method that uses the PE header. The results of this paper show that the generated data improves the accuracy of classification algorithms by at least 1%.