Image-Based malware classification using ensemble of CNN architectures (IMCEC)

Danish Vasan, Mamoun Alazab, Sobia Wassan, Babak Safaei, Qin Zheng

Research output: Contribution to journalArticle

Abstract

Unfortunately, both researchers and malware authors have demonstrated that malware scanners are limited and can be easily evaded by simple obfuscation techniques. This paper proposes a novel ensemble convolutional neural networks (CNNs) based architecture for effective detection of both packed and unpacked malware. We have named this method image-based malware classification using ensemble of CNNs (IMCEC). Our main assumption is that based on their deeper architectures different CNNs provide different semantic representations of the image; therefore, a set of CNN architectures makes it possible to extract features with higher qualities than traditional methods. Experimental results show that IMCEC is particularly suitable for malware detection. It can achieve a high detection accuracy with low false alarm rates using malware raw-input. Result demonstrates more than 99% accuracy for unpacked malware and over 98% accuracy for packed malware. IMCEC is flexible, practical and efficient as it takes only 1.18 second on average to identify new malware sample.
Original languageEnglish
Article number101748
Pages (from-to)1-12
Number of pages12
JournalComputers and Security
Volume92
Early online date29 Feb 2020
DOIs
Publication statusPublished - May 2020

Fingerprint Dive into the research topics of 'Image-Based malware classification using ensemble of CNN architectures (IMCEC)'. Together they form a unique fingerprint.

  • Cite this