A hybrid deep learning image-based analysis for effective malware detection

Sitalakshmi Venkatraman, Mamoun Alazab, R. Vinayakumar

Research output: Contribution to journalArticleResearchpeer-review

Abstract

The explosive growth of Internet and the recent increasing trends in automation using intelligent applications have provided a veritable playground for malicious software (malware) attackers. With a variety of devices connected seamlessly via the Internet and large amounts of data collected, the escalating malware attacks and security risks are a big concern. While a number of malware detection methods are available, new methods are required to match with the scale and complexity of such a data-intensive environment. We propose a novel and unified hybrid deep learning and visualization approach for an effective detection of malware. The aim of the paper is two-fold: 1. to present the use of image-based techniques for detecting suspicious behavior of systems, and 2. to propose and investigate the application of hybrid image-based approaches with deep learning architectures for an effective malware classification. The performance is measured by employing various similarity measures of malware behavior patterns as well as cost-sensitive deep learning architectures. The scalability is benchmarked by testing our proposed hybrid approach with both public and privately collected large malware datasets that show high accuracy of our malware classifiers.

Original languageEnglish
Pages (from-to)377-389
Number of pages13
JournalJournal of Information Security and Applications
Volume47
Early online date24 Jun 2019
DOIs
Publication statusPublished - 1 Aug 2019

Fingerprint

Internet
Malware
Deep learning
Scalability
Classifiers
Automation
Visualization
Testing
Costs

Cite this

@article{ff43ac2c54d14463945e12775af3e666,
title = "A hybrid deep learning image-based analysis for effective malware detection",
abstract = "The explosive growth of Internet and the recent increasing trends in automation using intelligent applications have provided a veritable playground for malicious software (malware) attackers. With a variety of devices connected seamlessly via the Internet and large amounts of data collected, the escalating malware attacks and security risks are a big concern. While a number of malware detection methods are available, new methods are required to match with the scale and complexity of such a data-intensive environment. We propose a novel and unified hybrid deep learning and visualization approach for an effective detection of malware. The aim of the paper is two-fold: 1. to present the use of image-based techniques for detecting suspicious behavior of systems, and 2. to propose and investigate the application of hybrid image-based approaches with deep learning architectures for an effective malware classification. The performance is measured by employing various similarity measures of malware behavior patterns as well as cost-sensitive deep learning architectures. The scalability is benchmarked by testing our proposed hybrid approach with both public and privately collected large malware datasets that show high accuracy of our malware classifiers.",
keywords = "Deep learning architectures, Evaluation metrics, Image analysis, Machine learning, Malware detection, Similarity mining",
author = "Sitalakshmi Venkatraman and Mamoun Alazab and R. Vinayakumar",
year = "2019",
month = "8",
day = "1",
doi = "10.1016/j.jisa.2019.06.006",
language = "English",
volume = "47",
pages = "377--389",
journal = "Journal of Information Security and Applications",
issn = "2214-2126",
publisher = "Elsevier",

}

A hybrid deep learning image-based analysis for effective malware detection. / Venkatraman, Sitalakshmi; Alazab, Mamoun; Vinayakumar, R.

In: Journal of Information Security and Applications, Vol. 47, 01.08.2019, p. 377-389.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - A hybrid deep learning image-based analysis for effective malware detection

AU - Venkatraman, Sitalakshmi

AU - Alazab, Mamoun

AU - Vinayakumar, R.

PY - 2019/8/1

Y1 - 2019/8/1

N2 - The explosive growth of Internet and the recent increasing trends in automation using intelligent applications have provided a veritable playground for malicious software (malware) attackers. With a variety of devices connected seamlessly via the Internet and large amounts of data collected, the escalating malware attacks and security risks are a big concern. While a number of malware detection methods are available, new methods are required to match with the scale and complexity of such a data-intensive environment. We propose a novel and unified hybrid deep learning and visualization approach for an effective detection of malware. The aim of the paper is two-fold: 1. to present the use of image-based techniques for detecting suspicious behavior of systems, and 2. to propose and investigate the application of hybrid image-based approaches with deep learning architectures for an effective malware classification. The performance is measured by employing various similarity measures of malware behavior patterns as well as cost-sensitive deep learning architectures. The scalability is benchmarked by testing our proposed hybrid approach with both public and privately collected large malware datasets that show high accuracy of our malware classifiers.

AB - The explosive growth of Internet and the recent increasing trends in automation using intelligent applications have provided a veritable playground for malicious software (malware) attackers. With a variety of devices connected seamlessly via the Internet and large amounts of data collected, the escalating malware attacks and security risks are a big concern. While a number of malware detection methods are available, new methods are required to match with the scale and complexity of such a data-intensive environment. We propose a novel and unified hybrid deep learning and visualization approach for an effective detection of malware. The aim of the paper is two-fold: 1. to present the use of image-based techniques for detecting suspicious behavior of systems, and 2. to propose and investigate the application of hybrid image-based approaches with deep learning architectures for an effective malware classification. The performance is measured by employing various similarity measures of malware behavior patterns as well as cost-sensitive deep learning architectures. The scalability is benchmarked by testing our proposed hybrid approach with both public and privately collected large malware datasets that show high accuracy of our malware classifiers.

KW - Deep learning architectures

KW - Evaluation metrics

KW - Image analysis

KW - Machine learning

KW - Malware detection

KW - Similarity mining

UR - http://www.scopus.com/inward/record.url?scp=85067623863&partnerID=8YFLogxK

U2 - 10.1016/j.jisa.2019.06.006

DO - 10.1016/j.jisa.2019.06.006

M3 - Article

VL - 47

SP - 377

EP - 389

JO - Journal of Information Security and Applications

JF - Journal of Information Security and Applications

SN - 2214-2126

ER -