Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection

TL;DR

This paper introduces RELEVAGAN, a novel GAN model that uses deep reinforcement learning to generate semantically aware evasion samples, improving botnet detection robustness without needing additional adversarial training.

Contribution

It proposes a DRL-enhanced GAN framework that explores semantic-aware evasion samples and accelerates discriminator training for botnet detection.

Findings

RELEVAGAN converges faster than traditional GANs.

It generates semantically meaningful evasion samples.

The model enhances botnet detector robustness against adversarial attacks.

Abstract

Botnet detectors based on machine learning are potential targets for adversarial evasion attacks. Several research works employ adversarial training with samples generated from generative adversarial nets (GANs) to make the botnet detectors adept at recognising adversarial evasions. However, the synthetic evasions may not follow the original semantics of the input samples. This paper proposes a novel GAN model leveraged with deep reinforcement learning (DRL) to explore semantic aware samples and simultaneously harden its detection. A DRL agent is used to attack the discriminator of the GAN that acts as a botnet detector. The discriminator is trained on the crafted perturbations by the agent during the GAN training, which helps the GAN generator converge earlier than the case without DRL. We name this model RELEVAGAN, i.e. ["relive a GAN" or deep REinforcement Learning-based Evasion Generative Adversarial Network] because, with the help of DRL, it minimises the GAN's job by letting its generator explore the evasion samples within the semantic limits. During the GAN training, the attacks are conducted to adjust the discriminator weights for learning crafted perturbations by the agent. RELEVAGAN does not require adversarial training for the ML classifiers since it can act as an adversarial semantic-aware botnet detection model. Code will be available at https://github.com/rhr407/RELEVAGAN.