Large-scale malware classification using random projections and neural networks

Automatically generated malware is a significant problem for computer users. Analysts are able to manually investigate a small number of unknown files, but the best large-scale defense for detecting malware is automated malware classification. Malware classifiers often use sparse binary features, an...

Full description

Saved in:
Bibliographic Details
Main Authors: Dahl, George E., Stokes, Jack W., Li Deng, Dong Yu
Format: Conference Proceeding
Language:English
Subjects:
Computers
Error analysis
Logistics
Malware
Malware Classification
Neural Network
Neural networks
Random Projections
Training
Vectors
Citations: Items that cite this one
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Automatically generated malware is a significant problem for computer users. Analysts are able to manually investigate a small number of unknown files, but the best large-scale defense for detecting malware is automated malware classification. Malware classifiers often use sparse binary features, and the number of potential features can be on the order of tens or hundreds of millions. Feature selection reduces the number of features to a manageable number for training simpler algorithms such as logistic regression, but this number is still too large for more complex algorithms such as neural networks. To overcome this problem, we used random projections to further reduce the dimensionality of the original input space. Using this architecture, we train several very large-scale neural network systems with over 2.6 million labeled samples thereby achieving classification results with a two-class error rate of 0.49% for a single neural network and 0.42% for an ensemble of neural networks.
ISSN:1520-6149
2379-190X
DOI:10.1109/ICASSP.2013.6638293