Machine learning methods to aid defence systems in detecting malicious activity typically rely on labelled data. In some domains, such labelled data is unavailable or incomplete. In practice this can lead to low detection rates and high false positive rates, which characterise for example anti-money laundering systems. In fact, it is estimated that 1.7--4 trillion euros are laundered annually and go undetected. We propose The GANfather, a method to generate samples with properties of malicious activity, without label requirements. We propose to reward the generation of malicious samples by introducing an extra objective to the typical Generative Adversarial Networks (GANs) loss. Ultimately, our goal is to enhance the detection of illicit activity using the discriminator network as a novel and robust defence system. Optionally, we may encourage the generator to bypass pre-existing detection systems. This setup then reveals defensive weaknesses for the discriminator to correct. We evaluate our method in two real-world use cases, money laundering and recommendation systems. In the former, our method moves cumulative amounts close to 350 thousand dollars through a network of accounts without being detected by an existing system. In the latter, we recommend the target item to a broad user base with as few as 30 synthetic attackers. In both cases, we train a new defence system to capture the synthetic attacks.

翻译：辅助防御系统检测恶意活动的机器学习方法通常依赖标注数据。在某些领域中，此类标注数据不可用或不完整。实践中，这可能导致检测率低和误报率高，例如反洗钱系统就存在这一特征。据估计，每年有1.7至4万亿欧元的洗钱活动未被发现。我们提出GANfather方法，无需标签即可生成具有恶意活动属性的样本。通过在典型生成对抗网络损失函数中引入额外目标，我们奖励生成恶意样本。最终目标是利用判别器网络作为新型且稳健的防御系统，增强对非法活动的检测能力。可选地，我们可激励生成器绕过现有检测系统，从而暴露防御缺陷供判别器修正。我们在两个实际用例（洗钱和推荐系统）中评估该方法。在前者中，我们的方法通过账户网络转移累计近35万美元而未被现有系统检测到；在后者中，我们仅用30个合成攻击者即可向广大用户群体推荐目标物品。在两种场景下，我们均训练新防御系统以捕获合成攻击。