Affiliation:
1. Key Lab of Network & Information Security of Hebei Province, Shijiazhuang 050024, China
2. College of Computer & Cyber Security, Hebei Normal University, Shijiazhuang 050024, China
Abstract
With the rapid increase in the amount and variety of malware, traditional methods of malware detection and family classification for IoT applications based on static and dynamic analysis have been greatly challenged. In this paper, a new simple and effective attention module for Convolutional Neural Networks (CNNs), named the Depthwise Efficient Attention Module (DEAM), is proposed and combined with a DenseNet to form a new malware detection and family classification model. Motivated by the good performance of DenseNet in image classification and by the visual similarity of malware families in image form, the gray-scale image transformed from malware is input into the model combining the DEAM and DenseNet for malware detection, and then family classification is carried out. The DEAM is a general lightweight attention module that improves on the Convolutional Block Attention Module (CBAM); it strengthens attention to the characteristics of malware and improves the model's performance. We use the MalImg dataset, the Microsoft malware classification challenge dataset (BIG 2015), and our own dataset constructed from the two above-mentioned datasets to verify the effectiveness of the proposed model in family classification and malware detection. Experimental results show that the proposed model achieves 99.3% accuracy for malware detection on our dataset and 98.5% and 97.3% accuracy for family classification on the MalImg dataset and BIG 2015 dataset, respectively. The model can reliably detect IoT malware and classify its families.
Funder
National Natural Science Foundation of China
Subject
Computer Networks and Communications, Information Systems
Cited by
46 articles.