Malicious Software Classification Using VGG16 Deep Neural Network’s Bottleneck Features

Rezende, Edmar; Ruppert, Guilherme C. S.; Carvalho, Tiago; Theóphilo, Antônio; Ramos, Fábio; Geus, Paulo Lício de

doi:10.1007/978-3-319-77028-4_9

Cited by 94 publications

(68 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Table 4 shows the results of our method compared with the four combination models: GIST+KNN, LBP+KNN, GIST+DSIFT+KNN, VGG16(fine-tune). We can see that our method has achieved [25] combined deep learning and transfer learning algorithms to achieve a higher classification accuracy of malware classification. However, our method (MESRF) still improved the classification accuracy rate by 1% and achieved a better classification performance.…”

Section: E Compared With Other Malware Classification Methodsmentioning

confidence: 84%

“…To validate the effectiveness and efficiency of the proposed method, we compared our method with four other malware classification methods [3], [6], [24], [25] that use the structural features of malware. Each of the methods extracts the structural features (texture features) from the raw bytes of the malware, and then applied machine learning algorithms (e.g.…”

Section: E Compared With Other Malware Classification Methodsmentioning

confidence: 99%

“…Tang et al [7] proposed a method to solve the lacking data problem and improve the performance of malware few-shot classification based on the deep learning algorithm. Edmar et al [25] utilized VGG16 network to extract features from the raw bytes, and classified the malware based transfer learning algorithms, which improved the classification performance. The texturebased detection methods can handle some code obfuscation problems, and provide better performance relative to some traditional methods, but it still has some limitations.…”

Section: Malware Detection Based On Texture Featuresmentioning

confidence: 99%

See 2 more Smart Citations

File Entropy Signal Analysis Combined With Wavelet Decomposition for Malware Classification

Guo

Huang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

With the rapid development of the Internet, malware variants have increased exponentially, which poses a key threat to cyber security. Persistent efforts have been made to classify malware variants, but there are still many challenges, including the incapacity to deal with various malware variants belonging to similar families, the problem of time and resource consuming, etc. This paper proposes a novel method, called Malware Entropy Sequences Reflect the Family (MESRF), to improve the classification of malware based on the entropy sequences features. In prior research, entropy demonstrated good performance in many areas. First, the global features of the signals were extracted from the entropy sequences by some statistical methods. Next, some local features (i.e. structural entropy features) are extracted based on the discrete wavelet decomposition algorithm and vectorized by the Bag-of-words model, endowing it the high accuracy of malware classification. To evaluate our method, we conducted numerous experiments on the malware datasets with more than 20,000 samples. Through experiments, MESRF showed superiority comparing with other malware classification models, and the accuracy and ROC of the method even could reach 99.83% and 99.98% respectively on the malimg dataset.

show abstract

Section: E Compared With Other Malware Classification Methodsmentioning

confidence: 84%

Section: E Compared With Other Malware Classification Methodsmentioning

confidence: 99%

Section: Malware Detection Based On Texture Featuresmentioning

confidence: 99%

See 1 more Smart Citation

File Entropy Signal Analysis Combined With Wavelet Decomposition for Malware Classification

Guo

Huang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Rezende et al [8] introduced a malware detection method using pre-trained VGG16, one of well-known deep learning models for object detection. They first extracted features from the bottleneck layer of VGG16, trained by Im-ageNet dataset, and then trained a SVM classifer with the extracted features to detect malwares.…”

Section: Related Workmentioning

confidence: 99%

“…However, our model is specialized for handling binary image data. For example, in our convolution layers, the kernel size and stride size are the multiplies of power of two (i.e., (16,64), (8,8), (8,32), (16,16)) not conventional odd numbers (e.g., (3,3) or (5,5)). Since an executable file format strictly follows byte alignment, the choice of the multiplies of power of two at kernel size and stride size will prevent from disrupting byte alignment during training.…”

Section: Architecturementioning

confidence: 99%

Mal2d: 2d Based Deep Learning Model for Malware Detection Using Black and White Binary Image

Cho

Kim

Shin

et al. 2020

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Minkyoung CHO †a) , Member, Jik-Soo KIM †b) , Jongho SHIN †c) , and Incheol SHIN † †d) , Nonmembers SUMMARY We propose an effective 2d image based end-to-end deep learning model for malware detection by introducing a black & white embedding to reserve bit information and adapting the convolution architecture. Experimental results show that our proposed scheme can achieve superior performance in both of training and testing data sets compared to well-known image recognition deep learning models (VGG and ResNet).

show abstract

Pathological categorization of lung carcinoma from multimodality images using convolutional neural networks

Jacob

Menon

2021

Int J Imaging Syst Tech

View full text Add to dashboard Cite

Accurate diagnosis and treatment of lung carcinoma depend on its pathological type and staging. Normally, pathological analysis is performed either by needle biopsy or surgery. Therefore, a noninvasive method to detect pathological types would be a good alternative. Hence, this work aims at categorizing different types of lung cancer from multimodality images. The proposed approach involves two stages. Initially, a Blind/Referenceless Image Spatial Quality Evaluator‐based approach is adopted to extract the slices having lung abnormalities from the dataset. The slices then are transferred to a novel shallow convolutional neural network model to detect adenocarcinoma, squamous cell carcinoma, and small cell carcinoma from multimodality images. The classifier efficacy is then investigated by comparing precision, recall, area under curve, and accuracy with pretrained models and existing methods. The results narrate that the suggested system outperformed with a testing accuracy of 95% in Positron emission tomography/computed tomography (PET/CT), 93% in CT images of the Lung‐PET‐CT‐DX dataset, and 98% in the Lung3 dataset. Furthermore, a kappa score of 0.92 in PET/CT of Lung‐PETCT‐DX and 0.98 in CT of Lung3 exhibited the effectiveness of the presented system in the field of lung cancer classification.

show abstract

Malicious Software Classification Using VGG16 Deep Neural Network’s Bottleneck Features

Cited by 94 publications

References 6 publications

File Entropy Signal Analysis Combined With Wavelet Decomposition for Malware Classification

File Entropy Signal Analysis Combined With Wavelet Decomposition for Malware Classification

Mal2d: 2d Based Deep Learning Model for Malware Detection Using Black and White Binary Image

Pathological categorization of lung carcinoma from multimodality images using convolutional neural networks

Contact Info

Product

Resources

About