DeepAM: a heterogeneous deep learning framework for intelligent malware detection

Ye, Yanfang; Chen, Lingwei; Hou, Shifu; Hardy, William; Li, Xin

doi:10.1007/s10115-017-1058-9

Cited by 104 publications

(43 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They used autoencoders coupled with a sigmoid classification layer for this task and achieved a 95.64% accuracy. Benchea and Gavriluţ [84], Xu et al [85], Hou et al [86], Zhu et al [87], and Ye et al [88] used RBMs. Success with these varied depending on the datasets and methods.…”

Section: Detectionmentioning

confidence: 99%

See 1 more Smart Citation

A Survey of Deep Learning Methods for Cyber Security

et al. 2019

View full text Add to dashboard Cite

This survey paper describes a literature review of deep learning (DL) methods for cyber security applications. A short tutorial-style description of each DL method is provided, including deep autoencoders, restricted Boltzmann machines, recurrent neural networks, generative adversarial networks, and several others. Then we discuss how each of the DL methods is used for security applications. We cover a broad array of attack types including malware, spam, insider threats, network intrusions, false data injection, and malicious domain names used by botnets.

show abstract

Section: Detectionmentioning

confidence: 99%

“…Success with these varied depending on the datasets and methods. Hardy et al [83], Hou et al [86], and Ye et al [88] all used the Comodo Cloud Security Center dataset 66 and 96.6% accuracy [86] or a 97.9% TPR [88]. Benchea and Gavriluţ [84] used a custom dataset and achieved 99.72% accuracy with a 90.1% true positive rate.…”

Section: Detectionmentioning

confidence: 99%

A Survey of Deep Learning Methods for Cyber Security

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Later, Ye et al [12] built a deep learning architecture for intelligent malware detection. In this work, they utilized an AutoEncoder stacked up with multilayer restricted Boltzmann machines (RBMs) to detect unknown malware.…”

Section: Malware Identificationmentioning

confidence: 99%

Artificial Intelligence in the Cyber Domain: Offense and Defense

2020

View full text Add to dashboard Cite

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.

show abstract

“…For instance, SMS malware that is invisible in the kernel. On similar lines, SVM ML technique based system has been proposed by Zhao et 29 proposed a heterogeneous deep learning framework composed of an AutoEncoder stacked up with multi layer restricted Boltzmann machines (RBMs) and a layer of associative memory to detect newly unknown malware using Windows API calls extracted from PE profiles. The proposed framework consists of two phases: pre-training and fine-tuning.…”

Section: Dini Et Almentioning

confidence: 99%

Evaluation of Supervised Machine Learning Techniques for Dynamic Malware Detection

Zhao¹,

Li²,

Taiqi³

et al. 2018

IJCIS

View full text Add to dashboard Cite

Nowadays, security of the computer systems has become a major concern of security experts. In spite of many antivirus and malware detection systems, the number of malware incidents are increasing day by day. Many static and dynamic techniques have been proposed to detect the malware and classify them into malware families accurately. The dynamic malware detection has potential benefits over the static ones to detect malware effectively. Because, it is difficult to mask behavior of malware while executing than its underlying code in static malware detection. Recently, machine learning techniques have been the main focus of the security experts to detect malware and predict their families dynamically. But, to the best of our knowledge, there exists no comprehensive work that compares and evaluates a sufficient number of machine learning techniques for classifying malware and benign samples. In this work, we conducted a set of experiments to evaluate machine learning techniques for detecting malware and their classification into respective families dynamically. A set of real malware samples and benign programs have been received from VirusTotal, and executed in a controlled & isolated environment to record malware behavior for evaluation of machine learning techniques in terms of commonly used performance metrics. From the execution reports saved in the form of JSON reports, we extract a promising set of features representing behavior of a malware sample. The identified set of features is further employed to classify malware and benign samples. The Major motivation of this work is that different techniques have been designed to optimize different criteria. So, they behave differently, even in similar conditions. In addition to classification of malware and benign samples dynamically, we reveal guidelines for researchers to apply machine learning techniques for detecting malware dynamically, and directions for further research in the field.

show abstract

DeepAM: a heterogeneous deep learning framework for intelligent malware detection

Cited by 104 publications

References 26 publications

A Survey of Deep Learning Methods for Cyber Security

A Survey of Deep Learning Methods for Cyber Security

Artificial Intelligence in the Cyber Domain: Offense and Defense

Evaluation of Supervised Machine Learning Techniques for Dynamic Malware Detection

Contact Info

Product

Resources

About