Improved Deep Learning Model for Static PE Files Malware Detection and Classification

Lad., Sumit S.; Adamuthe, Amol C.

doi:10.5815/ijcnis.2022.02.02

Cited by 11 publications

(4 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Table 1, we present a comparison of our model's results against state-of-the-art techniques, such as those proposed by Refs. [15,17,19]. Our model's performance is on par with these previous works.…”

Section: Resultssupporting

confidence: 63%

“…Our analysis suggests that these features, such as filaments and holes, correspond with malicious behavior in the code. Our model's ability to detect these features is highly dependent on the value of , DLMD [15] 0.9676 − − − 0.0872 − Li et al [17] 0.9731 − 0.9724 − − − Lad and Adamuthe [18] 0.9409 0.9014 0.8866 0.1571 − 0.9100 Ravi et al [19] 0 We further study this phenomenon and apply grid search to fine-tune this hyperparameter for specific categories of malware. We observe that different families lend themselves to better analysis with different values of .…”

Section: ω ωmentioning

confidence: 98%

“…However, our work is different in two respects: (1) we work with a collection of a much larger sample size by combining Ember with other newer datasets; and (2) we apply a more comprehensive model that not only makes predictions but also enables interpretability. A similar approach has been followed by Li et al [17] who have augmented intrinsic features of malware to improve detection. However, as noted before, this involves human intervention for analysis, thus making this approach infeasible for large-scale deployment.…”

Section: Malware Detection On the Windows Platformmentioning

confidence: 99%

See 2 more Smart Citations

Interpretable Detection of Malicious Behavior in Windows Portable Executables Using Multi-Head 2D Transformers

Khan,

Nauman

2024

Big Data Min. Anal.

View full text Add to dashboard Cite

Windows malware is becoming an increasingly pressing problem as the amount of malware continues to grow and more sensitive information is stored on systems. One of the major challenges in tackling this problem is the complexity of malware analysis, which requires expertise from human analysts. Recent developments in machine learning have led to the creation of deep models for malware detection. However, these models often lack transparency, making it difficult to understand the reasoning behind the model's decisions, otherwise known as the black-box problem. To address these limitations, this paper presents a novel model for malware detection, utilizing vision transformers to analyze the Operation Code (OpCode) sequences of more than 350 000 Windows portable executable malware samples from real-world datasets. The model achieves a high accuracy of 0.9864, not only surpassing the previous results but also providing valuable insights into the reasoning behind the classification. Our model is able to pinpoint specific instructions that lead to malicious behavior in malware samples, aiding human experts in their analysis and driving further advancements in the field. We report our findings and show how causality can be established between malicious code and actual classification by a deep learning model, thus opening up this black-box problem for deeper analysis.

show abstract

Section: Resultssupporting

confidence: 63%

Section: ω ωmentioning

confidence: 98%

Section: Malware Detection On the Windows Platformmentioning

confidence: 99%

See 1 more Smart Citation

Interpretable Detection of Malicious Behavior in Windows Portable Executables Using Multi-Head 2D Transformers

Khan,

Nauman

2024

Big Data Min. Anal.

View full text Add to dashboard Cite

show abstract

“…In addition, the authors have proposed a solution based on the use of binary file representation and self-organizing maps. Another research by (Sumit & Adamuthe, 2022), it is to propose a deep learning model capable of building a feature set from the EMBER dataset and classifying the malicious codes' static PE files efficiently. In earlier work, Atacak et al (2022) proposed a hybrid detection system that combines the feature extraction and dimension reduction power of the convolution layers in the CNN architecture, and the decisionmaking capability of fuzzy logic is proposed.…”

Section: Android Malware Detection With Dynamic Analysismentioning

confidence: 99%

Android Malware Detection Approach Using Stacked AutoEncoder and Convolutional Neural Networks

Menaouer,

Islem,

Nada

2023

International Journal of Intelligent Information Technologies

View full text Add to dashboard Cite

In the past decade, Android has become a standard smartphone operating system. The mobile devices running on the Android operating system are particularly interesting to malware developers, as the users often keep personal information on their mobile devices. This paper proposes a deep learning model for mobile malware detection and classification. It is based on SAE for reducing the data dimensionality. Then, a CNN is utilized to detect and classify malware apps in Android devices through binary visualization. Tests were carried out with an original Android application (Drebin-215) dataset consisting of 15,036 applications. The conducted experiments prove that the classification performance achieves high accuracy of about 98.50%. Other performance measures used in the study are precision, recall, and F1-score. Finally, the accuracy and results of these techniques are analyzed by comparing the effectiveness with previous works.

show abstract

Application of Deep Learning Models for Real-Time Automatic Malware Detection

Gutierrez,

Villegas-Ch,

Naranjo Godoy

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Improved Deep Learning Model for Static PE Files Malware Detection and Classification

Cited by 11 publications

References 24 publications

Interpretable Detection of Malicious Behavior in Windows Portable Executables Using Multi-Head 2D Transformers

Interpretable Detection of Malicious Behavior in Windows Portable Executables Using Multi-Head 2D Transformers

Android Malware Detection Approach Using Stacked AutoEncoder and Convolutional Neural Networks

Application of Deep Learning Models for Real-Time Automatic Malware Detection

Contact Info

Product

Resources

About