Hybrid Input Model Using Multiple Features From Surface Analysis for Malware Detection

Cited by: 0
Authors
Mimura, Mamoru [1]
Kanno, Satoki [2]
Affiliations
[1] Natl Def Acad, Yokosuka, Kanagawa 2398686, Japan
[2] Japan Ground Self Defense Force, Tokyo 1628801, Japan
Keywords
Malware; Feature extraction; Accuracy; Surface treatment; Machine learning; Long short term memory; Ensemble learning; Natural language processing; Artificial neural networks; Malware detection; natural language processing; deep neural network; CLASSIFICATION; EXECUTABLES; GENERATION;
DOI
10.1109/ACCESS.2024.3452675
Chinese Library Classification
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
Many malware detection models have been proposed to protect computers from the ever-increasing number of malware attacks. The features that are obtained from surface analysis and machine learning are often used for malware detection. Previous studies that performed surface analysis have proposed image-based methods using ensemble learning. However, no natural language processing (NLP)-based malware detection method that combines multiple features has yet been reported. Instead, previous malware detection methods using NLP techniques have focused only on single features. When hybrid features are used, the word order and detection rate are affected if the data are initially handled by combining the hybrid features into one data point. Consequently, using NLP techniques is challenging when considering the word order. This paper proposes a hybrid model that uses three hybrid features obtained from surface analysis for malware detection and demonstrates the effectiveness of using NLP techniques in combination with hybrid features. The F-measure for the combination of these three features was 0.927.
Pages: 121198-121207
Number of pages: 10