An API Semantics-Aware Malware Detection Method Based on Deep Learning

Ma, Xin; Guo, Shize; Bai, Wei; Xia, Shiming; Pan, Zhisong

doi:10.1155/2019/1315047

Cited by 14 publications

(8 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A deep learning-based ensemble learning detection framework was introduced by Ma, et al (2019) for API fragments [22], but the malware detection accuracy was not improved. Xiao, et al ( 2019) developed a novel behavior-based deep learning framework (BDLF) to classify the malware attack and increase the precision [23].…”

Section: Related Workmentioning

confidence: 99%

Biserial Miyaguchi–Preneel Blockchain-Based Ruzicka-Indexed Deep Perceptive Learning for Malware Detection in IoMT

Alotaibi

2021

Sensors

View full text Add to dashboard Cite

Detection of unknown malware and its variants remains both an operational and a research challenge in the Internet of Things (IoT). The Internet of Medical Things (IoMT) is a particular type of IoT network which deals with communication through smart healthcare (medical) devices. One of the prevailing problems currently facing IoMT solutions is security and privacy vulnerability. Previous malware detection methods have failed to provide security and privacy. In order to overcome this issue, the current study introduces a novel technique called biserial correlative Miyaguchi–Preneel blockchain-based Ruzicka-index deep multilayer perceptive learning (BCMPB-RIDMPL). The present research aims to improve the accuracy of malware detection and minimizes time consumption. The current study combines the advantages of machine-learning techniques and blockchain technology. The BCMPB-RIDMPL technique consists of one input layer, three hidden layers, and one output layer to detect the malware. The input layer receives the number of applications and malware features as input. After that, the malware features are sent to the hidden layer 1, in which feature selection is carried out using point biserial correlation, which reduces the time required to detect the malware. Then, the selected features and applications are sent to the hidden layer 2. In that layer, Miyaguchi–Preneel cryptographic hash-based blockchain is applied to generate the hash value for each selected feature. The generated hash values are stored in the blockchain, after which the classification is performed in the third hidden layer. The BCMPB-RIDMPL technique uses the Ruzicka index to verify the hash values of the training and testing malware features. If the hash is valid, then the application is classified as malware, otherwise it is classified as benign. This method improves the accuracy of malware detection. Experiments have been carried out on factors such as malware detection accuracy, Matthews’s correlation coefficient, and malware detection time with respect to a number of applications. The observed quantitative results show that our proposed BCMPB-RIDMPL method provides superior performance compared with state-of-the-art methods.

show abstract

Section: Related Workmentioning

confidence: 99%

Biserial Miyaguchi–Preneel Blockchain-Based Ruzicka-Indexed Deep Perceptive Learning for Malware Detection in IoMT

Alotaibi

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…The results of experiments showed that both approaches worked well, and the framework combined two models had a better performance, which had an accuracy of 96.7% in classification. Ma et al [38] analyzed malicious malware and designed a detection framework based on API fragments. The framework utilized sliding window operation to split API sequences into an Nlength API fragment.…”

Section: Related Work a Api Based Malware Detectionmentioning

confidence: 99%

A Real-Time and Adaptive-Learning Malware Detection Method Based on API-Pair Graph

Yang

Chen

et al. 2020

IEEE Access

View full text Add to dashboard Cite

“…ere are also other machine learning methods to learn the features. Ma et al [19] analyze the local maliciousness about malware and implements an anti-interference detection framework based on API fragments, which can effectively detect malware. Anderson and Roth [20] offer a public labeled benchmark dataset for training machine learning models to statically detect malicious PE files.…”

Section: Related Workmentioning

confidence: 99%

SLAM: A Malware Detection Method Based on Sliding Local Attention Mechanism

Chen

Guo

et al. 2020

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Since the number of malware is increasing rapidly, it continuously poses a risk to the field of network security. Attention mechanism has made great progress in the field of natural language processing. At the same time, there are many research studies based on malicious code API, which is also like semantic information. It is a worthy study to apply attention mechanism to API semantics. In this paper, we firstly study the characters of the API execution sequence and classify them into 17 categories. Secondly, we propose a novel feature extraction method based on API execution sequence according to its semantics and structure information. Thirdly, based on the API data characteristics and attention mechanism features, we construct a detection framework SLAM based on local attention mechanism and sliding window method. Experiments show that our model achieves a better performance, which is a higher accuracy of 0.9723.

show abstract

An API Semantics-Aware Malware Detection Method Based on Deep Learning

Cited by 14 publications

References 15 publications

Biserial Miyaguchi–Preneel Blockchain-Based Ruzicka-Indexed Deep Perceptive Learning for Malware Detection in IoMT

Biserial Miyaguchi–Preneel Blockchain-Based Ruzicka-Indexed Deep Perceptive Learning for Malware Detection in IoMT

A Real-Time and Adaptive-Learning Malware Detection Method Based on API-Pair Graph

SLAM: A Malware Detection Method Based on Sliding Local Attention Mechanism

Contact Info

Product

Resources

About