LMP-GAN: Out-of-distribution detection for non-control data malware attacks
Date of Award
5-5-2024
Degree Name
Ph.D. in Engineering
Department
Department of Electrical and Computer Engineering
Advisor/Chair
Keigo Hirakawa
Abstract
Anomaly detection is a common application of machine learning. Out-of-distribution (OOD) detection in particular is a semi-supervised anomaly detection technique in which the detection method is trained only on the inlier (in-distribution) samples. Unlike the fully supervised variant, the distribution of the outlier samples is never explicitly modeled in OOD detection tasks. In this work, we design a novel GAN-based OOD detection network intended specifically to protect cyber-physical signal systems from a novel Trojan malware called the non-control data (NCD) attack, which evades conventional malware detection techniques. Inspired in part by the classical locally most powerful (LMP) test in statistical inference, the proposed LMP-GAN trains the OOD detector (discriminator) by generating OOD samples that are aimed at making maximal alteration to the inlier samples while evading detection. We experimentally compare the results to state-of-the-art anomaly detection methods to demonstrate the benefits and the appropriateness of the LMP-GAN OOD detector.
Keywords
Machine learning, GAN, Malware: Anomaly Detection, OOD Detection, Non-Control Data
Rights Statement
Copyright 2024, author
Recommended Citation
Wood, David William, "LMP-GAN: Out-of-distribution detection for non-control data malware attacks" (2024). Graduate Theses and Dissertations. 7614.
https://ecommons.udayton.edu/graduate_theses/7614
