Affiliation:
1. School of Computer Engineering & Applied Mathematics, Computer System Institute, Hankyong National University, Jungang-ro, Anseong-si 17579, Gyeonggi-do, Republic of Korea
Abstract
Attackers hide malware in the software used by their victims. New malware, differing in both type and method of damage, is continuously shared on the Internet. When new malware is discovered, it is possible to check whether similar malware has appeared in the past and to use the old malware to counteract the new one; however, it is difficult to check the maliciousness and similarity of all software. Deep learning technology can therefore be used to detect and classify malware efficiently. This study improves this technology's accuracy by converting static features, which are binary data, into images and by converting time-series data such as API call sequences, which are dynamic data whose length differs for each datum, into fixed-length data. We propose a system that combines AI-based malware detection and classification systems trained on both static and dynamic features. The experimental results showed a detection accuracy of 99.34%, a classification accuracy of 95.1%, and a prediction speed of approximately 0.1 s.