Malware Detection Based on the Feature Selection of a Correlation Information Decision Matrix

Author:

Lu Kai (1, 2), Cheng Jieren (3), Yan Anli (1)

Affiliation:

1. School of Cyberspace Security (School of Cryptology), Hainan University, Haikou 570100, China

2. Department of Public Safety Technology, Hainan Vocational College of Political Science and Law, Haikou 571100, China

3. School of Computer Science and Technology, Hainan University, Haikou 570100, China

Abstract

Smartphone apps are closely integrated with our daily lives, and mobile malware has brought about serious security issues. However, the features used in existing traffic-based malware detection techniques contain a large amount of redundant and useless information, which wastes the computational resources spent on training detection models. To overcome this drawback, we propose a feature selection method; the core of the method is to select features based on high irrelevance, thereby removing redundant features. Furthermore, artificial intelligence has been applied to malware detection and has achieved outstanding detection ability. However, almost all deep learning malware detection models include pooling operations, which lead to the loss of some local information and affect the robustness of the model. We therefore also propose a malware detection model for malicious traffic identification based on a capsule network. The main difference between the capsule network and the neural network is that a neuron outputs a scalar, while a capsule outputs a vector, which is more conducive to preserving local information. We verify the effectiveness of our method from three aspects. First, we use four popular machine learning algorithms to prove the effectiveness of the proposed feature selection method. Second, we compare the capsule network with the convolutional neural network to prove the superiority of the capsule network. Finally, we compare our proposed method with another state-of-the-art malware detection technique; our accuracy and recall increased by 9.71% and 20.18%, respectively.

Funder

National Natural Science Foundation of China

Key Projects in Hainan Province

Publisher

MDPI AG

Subject

General Mathematics, Engineering (miscellaneous), Computer Science (miscellaneous)

Cited by 6 articles.

1. Malware Detection and Classification for URLs using Ensemble Learning;2024 4th International Conference on Pervasive Computing and Social Networking (ICPCSN);2024-05-03

2. Deep learning-powered malware detection in cyberspace: a contemporary review;Frontiers in Physics;2024-03-28

3. Explainable Machine Learning for Malware Detection on Android Applications;Information;2024-01-01

4. XAI-PDF: A Robust Framework for Malicious PDF Detection Leveraging SHAP-Based Feature Engineering;The International Arab Journal of Information Technology;2024-01-01

5. Malware Detection and Classification with Deep Learning Models;2023 International Conference on Applied Intelligence and Sustainable Computing (ICAISC);2023-06-16