Publication Type : Book Chapter
Publisher : Springer International Publishing
Source : Cybersecurity and Secure Information Systems: Challenges and Solutions in Smart Environments, Springer International Publishing, Cham, pp. 241–286 (2019)
Url : https://doi.org/10.1007/978-3-030-16837-7_12
ISBN : 9783030168377
Campus : Coimbatore
School : School of Engineering
Center : Computational Engineering and Networking
Department : Electronics and Communication
Year : 2019
Abstract : At present, malware is one of the biggest threats to Internet service security. This chapter proposes a novel file-agnostic deep learning architecture for malware family identification which converts malware binaries into grayscale images and then identifies their families by a hybrid in-house model, Convolutional Neural Network and Long Short Term Memory (CNN-LSTM). The hybrid model enables the network to capture the spatial and temporal features which can be used effectively to distinguish among malware. In this novel method, usual methods like disassembly, de-compiling, de-obfuscation or execution of the malware binary need not be done. Various experiments were run to identify optimal deep learning network parameters and network structure on a benchmark and well-known data set. All experiments were run at a learning rate of 0.1 for 1,000 epochs. To select a model which is generalizable, various test-train splits were done during experimentation. Additionally, this helps to find how well the models perform on imbalanced data sets. Experimental results show that the hybrid model is very effective for malware family classification in all the train-test splits. It indicates that the model can work on unevenly distributed samples too. The classification accuracy obtained by deep learning architectures on all train-test splits was better than that of the other compared classical machine learning algorithms and the existing method based on deep learning. Finally, a scalable framework based on deep learning and visualization approach is proposed which can be used in real time for malware family identification.
Cite this Research Publication : S. Akarsh, Prabaharan Poornachandran, Menon, V. Krishna, and Dr. Soman K. P., “A Detailed Investigation and Analysis of Deep Learning Architectures and Visualization Techniques for Malware Family Identification”, in Cybersecurity and Secure Information Systems: Challenges and Solutions in Smart Environments, A. Ella Hassanien and Elhoseny, M., Eds. Cham: Springer International Publishing, 2019, pp. 241–286.