Malware detection employed by visualization and deep neural network

With the fast growth of malware’s volume circulating in the wild, to obtain a timely and correct classification is increasingly difficult. Traditional approaches to automatic classification suffer from some limitations. The first one concerns the feature extraction: static approaches are hindered by...

Full description

Saved in:
Bibliographic Details
Published in:Computers & security 2021-06, Vol.105, p.102247, Article 102247
Main Authors: Pinhero, Anson, M L, Anupama, P, Vinod, Visaggio, C.A., N, Aneesh, S, Abhijith, S, AnanthaKrishnan
Format: Article
Language:English
Subjects:
Artificial neural networks
Classification
Computer architecture
Cybersecurity
Datasets
Deep learning
Feature extraction
Machine learning
Malware
Malware classification
Malware detection
Malware visualization
Neural networks
Prediction models
Visualization
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the fast growth of malware’s volume circulating in the wild, to obtain a timely and correct classification is increasingly difficult. Traditional approaches to automatic classification suffer from some limitations. The first one concerns the feature extraction: static approaches are hindered by code obfuscation techniques, while dynamic approaches are time consuming and evasion techniques often impede the correct execution of the code. The second limitation regards the building of the prediction models: the adequateness of a training dataset may degrade over time or can not be sufficient for some malware families or instances. With this paper we investigate the effectiveness of a new approach that uses malware visualization, for overcoming the problems related to the features selection and extraction, along with deep learning classification, whose performances are less sensitive to a small dataset than machine learning. The experiments carried out on twelve different neural network architectures and with a dataset of 20,199 malware, demonstrate that the proposed approach is successful as produced an F-measure of 99.97%.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2021.102247