Malware Detection Using Contrastive Learning Based on Multi-Feature Fusion

The continuous emergence of malicious software poses a serious threat to computer security. Traditional malware detection approaches rely on single or limited datas for feature extraction, which may not fully capture the effective information provided by different information dimensions in PE files....

Full description

Saved in:
Bibliographic Details
Main Authors: Guo, Kailu, Xin, Yang, Yu, Tianxiang
Format: Conference Proceeding
Language:English
Subjects:
Codes
Computational modeling
Contrastive Learning
Data privacy
Dynamic Features
Feature extraction
Malware Detection
Multi-feature Fusion
Representation learning
Resists
Training
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The continuous emergence of malicious software poses a serious threat to computer security. Traditional malware detection approaches rely on single or limited datas for feature extraction, which may not fully capture the effective information provided by different information dimensions in PE files. Furthermore, attackers always employ code obfuscation and evasion techniques to interfere with detection results while still maintaining malicious intent. To address these issues, we designed and implemented a model, called MFFCL. Firstly, our approach uses data feature fusion technology to mine as much effective information as possible from execution records, forming the original dataset. Secondly, to effectively resist code obfuscation, we utilize supervised contrastive learning to constitute software features from high-dimensional space. Experiments on public datasets demonstrate that MFFCL can detect malware with high accuracy and stability. Specifically, during training, MFFCL achieved a precision rate of 97.25% and a recall rate of 94.1%.
ISSN:2324-9013
DOI:10.1109/TrustCom60117.2023.00229