With artificial intelligence (AI) becoming relevant in many parts of everyday life, other technologies are already widely influenced by this new way of handling large amounts of data. Although already widespread, AI has so far had only isolated influence on the cybersecurity field specifically. Many techniques and technologies used by cybersecurity experts rely on manual labor and barely draw on automation; e.g., logs are often reviewed manually by system admins for potentially malicious keywords. This work evaluates the use of a special type of AI called generative adversarial networks (GANs) for log generation. More precisely, three different generative adversarial networks, SeqGAN, MaliGAN, and CoT, are reviewed regarding their performance, with a focus on generating new logs as a means for red teams to deceive system admins. Although static generators for fake logs have been around for a while, their output is usually easy to identify as fake. Using AI as an approach to this problem has not been widely researched. Identified challenges consist of formatting, dates and times, and overall consistency. In summary, GANs do not seem to be a good fit for generating fake logs. Their capability to detect fake logs, however, might be of use in practical scenarios.