Malware detection employed by visualization and deep neural network
Computers & Security (IF 5.6), Pub Date: 2021-02-26, DOI: 10.1016/j.cose.2021.102247
Anson Pinhero, Anupama M L, Vinod P, C.A. Visaggio, Aneesh N, Abhijith S, AnanthaKrishnan S

With the fast growth in the volume of malware circulating in the wild, obtaining a timely and correct classification is increasingly difficult. Traditional approaches to automatic classification suffer from some limitations. The first concerns feature extraction: static approaches are hindered by code obfuscation techniques, while dynamic approaches are time-consuming and evasion techniques often impede the correct execution of the code. The second limitation regards the building of the prediction models: the adequacy of a training dataset may degrade over time or may not be sufficient for some malware families or instances. In this paper we investigate the effectiveness of a new approach that uses malware visualization to overcome the problems related to feature selection and extraction, along with deep learning classification, whose performance is less sensitive to a small dataset than that of machine learning. The experiments, carried out on twelve different neural network architectures and with a dataset of 20,199 malware samples, demonstrate that the proposed approach is successful, as it produced an F-measure of 99.97%.




Updated: 2021-03-07