Comments (5)
ZaydH
commented on August 19, 2024
It has been a few years since I worked on this code, and I am going off of memory.
The basic idea is you need to convert the SLEIPNIR files into a NumPy ndarray tensor. I found the old code I believe I used and uploaded it to a gist for you. Please try that. You may need to modify it to make it work.
from malwaregan.
vietvo89
commented on August 19, 2024
Thank you so much. Let me try your code. But one more thing, if I train MalGAN and have a model, how can I use your code to generate malware to evaluate the success rate of your method against the black-box detector? Is it right if I only use the trained Generator to produce benign samples from malware?
from malwaregan.
ZaydH
commented on August 19, 2024
I am not sure exactly what you mean. I will answer what is my best guess of what you mean. If this is off base, let me know.
The MalwareGAN code serial trains a blackbox detector (you can specify the type) as well as the GAN. I am not sure what you mean by "have a model". You could in theory replace my blackbox detector with your own if you wanted, but you would need to handle that integration.
To determine teh success rate as I did, I recommend splitting the training set into three parts: training, validation, and test. You use the training set to train the model (with validation for hyperparameter selection). Only then you use the held out test set to see how well your model performed on totally unseen data. This is the standard flow.
from malwaregan.
vietvo89
commented on August 19, 2024
Thank Zay.
I read other papers and they demonstrated how to do attack with GAN. But I want to double check with you that if I have trained GAN model, do I need Generator to attack or to make malware evade detectors? The flow may be feeding malware to the generator and then evaluate how its output evade the detector.
Thanks
from malwaregan.
ZaydH
commented on August 19, 2024
Yes.
After you train the model, you take a new malware vector, run it through the generator. This will yield a new vector that should evade the detector. To verify your workflow, you can then run that modified vector though the detector to see if it is marked as clean. This secondary sanity check is clearly not possible in practice but works for scientific evaluation/debugging.
from malwaregan.
Related Issues (7)
- Where is the Adversarial generated Binary? HOT 2
- What are the _Saved Models_? HOT 8
- Operation error HOT 6
- installation+implementation HOT 2
- requirements HOT 1
- what is "Best"? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from malwaregan.