Hybrid Malware Classification Method Using Segmentation-Based Fractal Texture Analysis and Deep Convolution Neural Network Features

Nisa, Maryam; Shah, Jamal Hussain; Kanwal, Shansa; Raza, Mudassar; Khan, Muhammad Attique; Damaševičius, Robertas; Blažauskas, Tomas

doi:10.3390/app10144966

Cited by 92 publications

(46 citation statements)

References 60 publications

(60 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their method was a combination of taking global as well as local features, achieving effective malware classification. Nisa et al [ 41 ] converted malware to images and applied segmentation-based fractal texture analysis (SFTA) to obtain features, which were fused with features obtained from pretrained AlexNet and Inception-v3 deep neural networks. Finally, machine learning classifiers were used for malware detection.…”

Section: Literature Surveymentioning

confidence: 99%

An Efficient DenseNet-Based Deep Learning Model for Malware Detection

Hemalatha¹,

Roseline

Geetha

et al. 2021

Entropy

Self Cite

140

View full text Add to dashboard Cite

Recently, there has been a huge rise in malware growth, which creates a significant security threat to organizations and individuals. Despite the incessant efforts of cybersecurity research to defend against malware threats, malware developers discover new ways to evade these defense techniques. Traditional static and dynamic analysis methods are ineffective in identifying new malware and pose high overhead in terms of memory and time. Typical machine learning approaches that train a classifier based on handcrafted features are also not sufficiently potent against these evasive techniques and require more efforts due to feature-engineering. Recent malware detectors indicate performance degradation due to class imbalance in malware datasets. To resolve these challenges, this work adopts a visualization-based method, where malware binaries are depicted as two-dimensional images and classified by a deep learning model. We propose an efficient malware detection system based on deep learning. The system uses a reweighted class-balanced loss function in the final classification layer of the DenseNet model to achieve significant performance improvements in classifying malware by handling imbalanced data issues. Comprehensive experiments performed on four benchmark malware datasets show that the proposed approach can detect new malware samples with higher accuracy (98.23% for the Malimg dataset, 98.46% for the BIG 2015 dataset, 98.21% for the MaleVis dataset, and 89.48% for the unseen Malicia dataset) and reduced false-positive rates when compared with conventional malware mitigation techniques while maintaining low computational time. The proposed malware detection solution is also reliable and effective against obfuscation attacks.

show abstract

Section: Literature Surveymentioning

confidence: 99%

An Efficient DenseNet-Based Deep Learning Model for Malware Detection

Hemalatha¹,

Roseline

Geetha

et al. 2021

Entropy

Self Cite

140

View full text Add to dashboard Cite

show abstract

“…The main limitation of this approach is that they used one evaluation criterion to test the model. The other work by Nisa et al (2020) suggest a new approach using malware images with rotate, flip and scale base image augmentation techniques.…”

Section: Related Workmentioning

confidence: 99%

Data augmentation based malware detection using convolutional neural networks

Çatak

Ahmed

ŞAHİNBAŞ

et al. 2021

PeerJ Computer Science

View full text Add to dashboard Cite

Due to advancements in malware competencies, cyber-attacks have been broadly observed in the digital world. Cyber-attacks can hit an organization hard by causing several damages such as data breach, financial loss, and reputation loss. Some of the most prominent examples of ransomware attacks in history are WannaCry and Petya, which impacted companies’ finances throughout the globe. Both WannaCry and Petya caused operational processes inoperable by targeting critical infrastructure. It is quite impossible for anti-virus applications using traditional signature-based methods to detect this type of malware because they have different characteristics on each contaminated computer. The most important feature of this type of malware is that they change their contents using their mutation engines to create another hash representation of the executable file as they propagate from one computer to another. To overcome this method that attackers use to camouflage malware, we have created three-channel image files of malicious software. Attackers make different variants of the same software because they modify the contents of the malware. In the solution to this problem, we created variants of the images by applying data augmentation methods. This article aims to provide an image augmentation enhanced deep convolutional neural network (CNN) models for detecting malware families in a metamorphic malware environment. The main contributions of the article consist of three components, including image generation from malware samples, image augmentation, and the last one is classifying the malware families by using a CNN model. In the first component, the collected malware samples are converted into binary file to 3-channel images using the windowing technique. The second component of the system create the augmented version of the images, and the last part builds a classification model. This study uses five different deep CNN model for malware family detection. The results obtained by the classifier demonstrate accuracy up to 98%, which is quite satisfactory.

show abstract

“…This not only improves security but also keeps the user from frequent antivirus software upgrades. The creation of artificial neural network (ANN)-related technology [16,17] and hybrid methods [18][19][20][21] is a prerequisite for developing successful antivirus systems. The ability of such systems to learn and generalize allows intelligent information protection systems to be developed.…”

Section: Introductionmentioning

confidence: 99%

Windows PE Malware Detection Using Ensemble Learning

et al. 2021

Self Cite

View full text Add to dashboard Cite

In this Internet age, there are increasingly many threats to the security and safety of users daily. One of such threats is malicious software otherwise known as malware (ransomware, Trojans, viruses, etc.). The effect of this threat can lead to loss or malicious replacement of important information (such as bank account details, etc.). Malware creators have been able to bypass traditional methods of malware detection, which can be time-consuming and unreliable for unknown malware. This motivates the need for intelligent ways to detect malware, especially new malware which have not been evaluated or studied before. Machine learning provides an intelligent way to detect malware and comprises two stages: feature extraction and classification. This study suggests an ensemble learning-based method for malware detection. The base stage classification is done by a stacked ensemble of fully-connected and one-dimensional convolutional neural networks (CNNs), whereas the end-stage classification is done by a machine learning algorithm. For a meta-learner, we analyzed and compared 15 machine learning classifiers. For comparison, five machine learning algorithms were used: naïve Bayes, decision tree, random forest, gradient boosting, and AdaBoosting. The results of experiments made on the Windows Portable Executable (PE) malware dataset are presented. The best results were obtained by an ensemble of seven neural networks and the ExtraTrees classifier as a final-stage classifier.

show abstract

Hybrid Malware Classification Method Using Segmentation-Based Fractal Texture Analysis and Deep Convolution Neural Network Features

Cited by 92 publications

References 60 publications

An Efficient DenseNet-Based Deep Learning Model for Malware Detection

An Efficient DenseNet-Based Deep Learning Model for Malware Detection

Data augmentation based malware detection using convolutional neural networks

Windows PE Malware Detection Using Ensemble Learning

Contact Info

Product

Resources

About