Author:
Jeong Young-Seob, Mswahili Medard Edmund, Kang Ah Reum
Abstract
As more documents appear on the Internet, it becomes important to detect malware within the documents. Malware of non-executables might be more dangerous because people usually open them without worrying about inherent danger. Recently, deep learning models are used to analyze byte streams of the non-executables for malware detection. Although they have shown successful results, they are commonly designed for stream-level detection, but not for file-level detection. In this paper, we propose a new method that aggregates the stream-level results to get file-level results for malware detection. We demonstrate its effectiveness by experimental results with our annotated dataset, and show that it gives performance gain of 3.37–5.89% of F1 scores.
Publisher
Springer Science and Business Media LLC
Cited by
1 article.