Enhance deep learning model for malware detection with a new image representation method

Authors

  • Vo Khuong Linh
  • Nguyễn Việt Hùng
  • Tran Ngoc Anh
  • Duong Do Nhuan
  • Dinh Cong Hien

DOI:

https://doi.org/10.54654/isj.v1i21.1000

Keywords:

malware representation, malware detection, deep learning, convolutional neural network

Tóm tắt

In recent years, there has been an explosion in the number of new malware created by hackers worldwide. The large number of malware families causes certain difficulties for traditional malware detection methods. One of the recent research directions of interest is the application of artificial intelligence to solve problems. In this paper, we proposed a new method of representing malicious code as an image by arranging highly correlated bytes in close pixels on the image. Deep learning models are trained on self-built datasets and compare the performance of different image representation methods. Experimental results show that the proposed "serpentine" pixel arrangement method provides better results than other methods.

Downloads

Download data is not yet available.

References

Anh Tran Ngoc, Linh Vo Khuong, (2021), “Malware detection based on Machine Learning and PE header information”, Information Security Journal, Vietnam.

Alex Krizhevsky, Ilya Sutskever, Geoffrey E. Hinton, (2012), “ImageNet Classification with Deep Convolutional Neural Networks”, International Conference on Neural Information Processing Systems (NIPS).

Edward Raff, Jared Sylvester, Charles Nicholas, (2017), “Learning the PE Header, Malware Detection with Minimal Domain Knowledge”, ACM Workshop on Artificial Intelligence and Security.

Gibert, D, (2016), “Convolutional neural networks for malware classification”, University Rovira i Virgili, Tarragona, Spain.

Hironobu Fujiyoshi, Tsubasa Hirakawa, Takayoshi Yamashita, (2019), “Deep learning-based image recognition for autonomous driving”, IATSS Research, vol 43, issue 4, pages 244-252.

Hung Nguyen Viet, Ngoc Quach Danh, Dung Pham Ngoc, (2019), “Research on techniques of representing malware files and deep learning models in malware detection”, XXII National Conference: Some selected issues of Information and Communication Technology, Thai Binh, Vietnam.

Huu Danh Pham, Tuan Dinh Le, Thanh Nguyen Vu, (2018), “Static PE Malware Detection Using Gradient Boosting Decision Trees Algorithm”, International Conference on Future Data and Security Engineering, pp 228-236.

Kephart J.O. Tesauro, G.J., Gregory B Sorkin, (1996), “Neural networks for computer virus recognition”, IEEE International Conference on Intelligence and Security Informatics.

L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath, (2011), “Malware images: Visualization and automatic classification”, Proceedings of the 8th International Symposium on Visualization for Cyber Security.

Li Deng, George E. Dahl, Jack W. Stokes and Dong Yu (2013), “Large-scale malware classification using random projections and neural network”, ICASSP.

Moreira, C. C., Moreira, D. C., & de Sales Jr, C. D. S. (2023), “Improving ransomware detection based on portable executable header using xception convolutional neural network”, Computers & Security, 130, 103265.

Nitish Srivastava, Geoffrey Hinton, Alex Krizhevsky, Ilya Sutskever, and Ruslan Salakhutdinov, (2013), “Dropout: A simple way to prevent neural networks from overfitting J. Mach. Learn. Res.”. 15(1):1929–1958.

N. Idika, A.P. Mathur, (2007), “A Survey of Malware Detection Techniques”, Purdue University.

Rabia Tahir, (2018), “A Study on Malware and Malware Detection Techniques”, International Journal of Education and Management, MECS.

Rahul Chauhan, Karmal K. Ghanshala, R.C Joshi, (2018), “Convolutional Neural Network (CNN) for Image Detection and Recognition”, First International Conference on Secure Cyber Computing and Communication.

Razvan Pascanu, Jack W. Stokes, Li Deng, Dong Yu, Mady Marinescu, Anil Thomas, (2015), “Malware Classification with Recurrent Networks”, IEEE ICASSP.

Ren, Z., Chen, G., & Lu, W. (2020), “Malware visualization methods based on deep convolution neural networks”, Multimedia Tools and Applications, 79, 10975-10993.

Sunoh Choi, Sungwook Jang, Youngsoo Kim, Jonghyun Kim, (2017), “Malware Detection using Malware Image and Deep Learning”, International Conference on Information and Communication Technology Convergence, Jeju, Korea (South).

P. V. Dinh, N. Shone, P. H. Dung, Q. Shi, N. V. Hung and T. Nguyen Ngoc, "Behaviour-aware Malware Classification: Dynamic Feature Selection," 2019 11th International Conference on Knowledge and Systems Engineering (KSE), Da Nang, Vietnam, 2019, pp. 1-5, doi: 10.1109/KSE.2019.8919491.

Tu Nguyen Minh, Hung Nguyen Viet, Anh Phan Viet, Loi Cao Van, Nathan Shone, “Detecting Malware Based on Dynamic Analysis Techniques Using Deep Graph Learning”, Lecture Notes in Computer Science, vol. 12466, 2020.

Nguyen, M.T., Nguyen, V.H. & Shone, N. Using deep graph learning to improve dynamic analysis-based malware detection in PE files. J Comput Virol Hack Tech 20, 153–172 (2024). https://doi.org/10.1007/s11416-023-00505-x.

Seonhee Seok, Howon Kim, (2016), “Visualized Malware Classification Based on Convolutional Network”, Journal of The Korea Institute of Information Security and Cryptology.

N. V. Hung, P. Ngoc Dung, T. N. Ngoc, V. Dinh Phai and Q. Shi, "Malware detection based on directed multi-edge dataflow graph representation and convolutional neural network," 2019 11th International Conference on Knowledge and Systems Engineering (KSE), Da Nang, Vietnam, 2019, pp. 1-5, doi: 10.1109/KSE.2019.8919284.

VirusShare.com, https://virusshare.com/.

VirusTotal.com, https://www.virustotal.com/.

Wenyi Huang, Jack W.Stokes, (2016), “MtNet: A Multi-Task Neural Network for Dynamic Malware Classification”, DIMVA.

Noi, N. H., & Ngoc, T. N. (2023). Learning Latent Representation with Limited Labels for IoT Anomaly Detection. Journal of Science and Technology on Information Security, 3(20), 14-22. https://doi.org/10.54654/isj.v3i20.986.

Downloads

Abstract views: 155 / PDF downloads: 52

Published

2024-06-27

How to Cite

Linh, V. K., Hùng, N. V., Anh, T. N., Nhuan, D. D., & Hien, D. C. (2024). Enhance deep learning model for malware detection with a new image representation method. Journal of Science and Technology on Information Security, 1(21), 31-39. https://doi.org/10.54654/isj.v1i21.1000

Issue

Section

Papers