Image-Based malware classification using ensemble of CNN architectures (IMCEC)

Danish Vasan, Mamoun Alazab, Sobia Wassan, Babak Safaei, Qin Zheng

    Research output: Contribution to journalArticlepeer-review

    246 Citations (Scopus)
    84 Downloads (Pure)

    Abstract

    Unfortunately, both researchers and malware authors have demonstrated that malware scanners are limited and can be easily evaded by simple obfuscation techniques. This paper proposes a novel ensemble convolutional neural networks (CNNs) based architecture for effective detection of both packed and unpacked malware. We have named this method image-based malware classification using ensemble of CNNs (IMCEC). Our main assumption is that based on their deeper architectures different CNNs provide different semantic representations of the image; therefore, a set of CNN architectures makes it possible to extract features with higher qualities than traditional methods. Experimental results show that IMCEC is particularly suitable for malware detection. It can achieve a high detection accuracy with low false alarm rates using malware raw-input. Result demonstrates more than 99% accuracy for unpacked malware and over 98% accuracy for packed malware. IMCEC is flexible, practical and efficient as it takes only 1.18 second on average to identify new malware sample.
    Original languageEnglish
    Article number101748
    Pages (from-to)1-12
    Number of pages12
    JournalComputers and Security
    Volume92
    Early online date29 Feb 2020
    DOIs
    Publication statusPublished - May 2020

    Fingerprint

    Dive into the research topics of 'Image-Based malware classification using ensemble of CNN architectures (IMCEC)'. Together they form a unique fingerprint.

    Cite this