Automated malware identification method using image descriptors and singular value decomposition

Bibliographic Details
Published in: Multimedia Tools and Applications, 2021-03, Vol. 80 (7), p. 10881-10900
Main Authors: Tuncer, Turker; Ertam, Fatih; Dogan, Sengul
Format: Article
Language: English
Description
Summary: Cyber-attacks have become a significant problem worldwide. Therefore, many methods, networks, and applications have been suggested for providing information security in the literature. Automated malware classification has become one of the hot-topic research areas in information security and digital forensics. Image processing methods have been used to solve malware detection and recognition problems. Three effective feature extractors are used to propose an automated malware classification method in this work. The proposed method uses local binary pattern (LBP), singular value decomposition (SVD), and a novel local ternary pattern network (LTPNet) to extract features. The features extracted using the hybrid feature extractor are reduced using principal component analysis (PCA). The final features are forwarded to a linear discriminant analysis (LDA) classifier. A commonly used heterogeneous and big malware dataset (Malimg) is used to obtain the success of the proposed LBP, LTPNet, and SVD based malware classification method. There are 9339 malware samples with 25 classes in the Malimg dataset. The proposed LBP-SVD-LTPNet based method achieved an 88.08% success rate using this dataset. The obtained accuracy rate of the proposed LBP-SVD-LTPNet based method is higher than that of the selected deep learning methods. These methods are convolutional neural network (CNN), multi-layer perceptron (MLP), gated recurrent units (GRU), GoogleNet, VGG16, and ResNet. These results openly demonstrated that the proposed LBP-SVD-LTPNet based malware classification method is successful.
ISSN: 1380-7501, 1573-7721
DOI: 10.1007/s11042-020-10317-6