AEDGAN: A Semi-Supervised Deep Learning Model for Zero-Day Malware Detection

Ali, Abdullah Marish and Ghaleb, Fuad A. and Saeed, Faisal (2025) AEDGAN: A Semi-Supervised Deep Learning Model for Zero-Day Malware Detection. International Journal of Advanced Computer Science and Applications, 16 (3). ISSN 2158-107X

Paper_75-AEDGAN_A_Semi_Supervised_Deep_Learning_Model.pdf - Published Version
Available under License Creative Commons Attribution.


Abstract

Malware presents an increasing threat to cyberspace, drawing significant attention from researchers and industry professionals. Many solutions have been proposed for malware detection; however, zero-day malware detection remains challenging due to the evasive techniques used by malware authors and the limitations of existing solutions. Traditional supervised learning methods assume a fixed relationship between malware and their class labels over time, but this assumption does not hold in the ever-changing landscape of evasive malware and its variants. That is, malware developers intentionally design malicious software to share features with benign programs, making zero-day malware. This study introduces the AEDGAN model, a zero-day malware detection framework based on a semi-supervised learning approach. The model leverages a generative adversarial network (GAN), an autoencoder, and a convolutional neural network (CNN) classifier to build an anomaly-based detection system. The GAN is used to learn representations of benign applications, while the autoencoder extracts latent features that effectively characterize benign samples. The CNN classifier is trained on an integrated feature vector that combines the latent features from the autoencoder with hidden features extracted by the GAN’s discriminator. Extensive experiments were conducted to evaluate the model’s effectiveness. Results from two benchmark datasets show that the AEDGAN model outperforms existing solutions, achieving a 5% improvement in overall accuracy and an 11% reduction in false alarms compared to the best-performing related model.

Item Type: Article
Identification Number: 10.14569/IJACSA.2025.0160375
Dates:
Accepted: 3 March 2025
Published Online: 31 March 2025
Uncontrolled Keywords: Malware detection, zero-day, anomaly detection, generative adversarial network, autoencoder, convolutional neural network
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
Divisions: Faculty of Computing, Engineering and the Built Environment > College of Computing
Depositing User: Gemma Tonks
Date Deposited: 03 Jun 2025 14:59
Last Modified: 03 Jun 2025 14:59
URI: https://www.open-access.bcu.ac.uk/id/eprint/16406
