Deep reinforcement learning based Evasion Generative Adversarial Network for botnet detection

Rizwan Hamid Randhawa*, Nauman Aslam, Mohammad Alauthman, Muhammad Khalid, Husnain Rafiq

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)
48 Downloads (Pure)

Abstract

Botnet detectors based on machine learning are potential targets for adversarial evasion attacks. Several research works employ adversarial training with samples generated from generative adversarial nets (GANs) to make the botnet detectors adept at recognising adversarial evasions. However, the synthetic evasions may not follow the original semantics of the input samples. This paper proposes a novel GAN model leveraged with deep reinforcement learning (DRL) to explore semantic aware samples and simultaneously harden its detection. A DRL agent is used to attack the discriminator of the GAN that acts as a botnet detector. The agent trains the discriminator on the crafted perturbations during the GAN training, which helps the GAN generator converge earlier than the case without DRL. We name this model RELEVAGAN, i.e. [“relieve a GAN” or deep REinforcement Learning-based Evasion Generative Adversarial Network] because, with the help of DRL, it minimises the GAN’s job by letting its generator explore the evasion samples within the semantic limits. During the GAN training, the attacks are conducted to adjust the discriminator weights for learning crafted perturbations by the agent. RELEVAGAN does not require adversarial training for the ML classifiers since it can act as an adversarial semantic-aware botnet detection model. The code will be available at https://github.com/rhr407/RELEVAGAN.
Original languageEnglish
Pages (from-to)294-302
Number of pages9
JournalFuture Generation Computer Systems
Volume150
Early online date7 Sept 2023
DOIs
Publication statusPublished - 1 Jan 2024

Keywords

  • Low data regimes
  • GANs
  • ACGAN
  • EVAGAN
  • Botnet

Cite this