TY - JOUR
T1 - A Multi-View attention-based deep learning framework for malware detection in smart healthcare systems
AU - Ravi, Vinayakumar
AU - Alazab, Mamoun
AU - Selvaganapathy, Shymalagowri
AU - Chaganti, Rajasekhar
PY - 2022/11/1
Y1 - 2022/11/1
N2 - Recent security attack reports show that the number of malware attacks is gradually growing over the years due to the rapid adoption of smart healthcare systems. The development of a safe and secure smart healthcare system is considered to be important from a security point of view. Malware detection is an essential subsystem in healthcare ecosystems to secure the system from malware attacks. The literature survey shows that malware detection is done using deep learning with either portable executable (PE)-Header or PE-Imports or PE-Image or application programming interface (API) calls. However, each of these feature sets is important in PE files to boost the malware detection rate. This work proposes a Multi-View attention-based deep learning framework for malware detection by considering features of PE-Header, PE-Imports, PE-Image, and API calls. Detailed evaluation and experimental analysis of the proposed method is shown on the malware detection benchmark datasets. The proposed approach performed better than the machine learning-based and non-attention-based approaches with an accuracy of 95% for malware detection using features from PE-Header, PE-Imports, PE-Image, and API calls. In addition, detailed evaluation results are included for image-based malware detection on datasets from Windows and Android operating systems. In the Windows-based dataset, the proposed approach showed an accuracy of 98% and an accuracy of 97% in the Android-based dataset. Also, the proposed approach performed better than the existing malware detection approaches. Experimental results on three malware datasets indicate that the proposed method is robust and generalizable for both Windows and Android-based malware detection in smart healthcare systems.
AB - Recent security attack reports show that the number of malware attacks is gradually growing over the years due to the rapid adoption of smart healthcare systems. The development of a safe and secure smart healthcare system is considered to be important from a security point of view. Malware detection is an essential subsystem in healthcare ecosystems to secure the system from malware attacks. The literature survey shows that malware detection is done using deep learning with either portable executable (PE)-Header or PE-Imports or PE-Image or application programming interface (API) calls. However, each of these feature sets is important in PE files to boost the malware detection rate. This work proposes a Multi-View attention-based deep learning framework for malware detection by considering features of PE-Header, PE-Imports, PE-Image, and API calls. Detailed evaluation and experimental analysis of the proposed method is shown on the malware detection benchmark datasets. The proposed approach performed better than the machine learning-based and non-attention-based approaches with an accuracy of 95% for malware detection using features from PE-Header, PE-Imports, PE-Image, and API calls. In addition, detailed evaluation results are included for image-based malware detection on datasets from Windows and Android operating systems. In the Windows-based dataset, the proposed approach showed an accuracy of 98% and an accuracy of 97% in the Android-based dataset. Also, the proposed approach performed better than the existing malware detection approaches. Experimental results on three malware datasets indicate that the proposed method is robust and generalizable for both Windows and Android-based malware detection in smart healthcare systems.
KW - Attention
KW - Cybercriminal
KW - Deep learning
KW - Malware
KW - Multi-View
KW - PE files
KW - Smart healthcare
UR - http://www.scopus.com/inward/record.url?scp=85136608781&partnerID=8YFLogxK
U2 - 10.1016/j.comcom.2022.08.015
DO - 10.1016/j.comcom.2022.08.015
M3 - Article
AN - SCOPUS:85136608781
SN - 0140-3664
VL - 195
SP - 73
EP - 81
JO - Computer Communications
JF - Computer Communications
ER -