Malware Classification Based on System Call Sequences Using Deep Learning

2020, Vol 5 (4), pp. 207-216
Author(s): Rizki Jaka Maulana, Gede Putra Kusuma

2021, pp. 387-398
Author(s): Mohamad Redza Izudin Abu Zaharin, Shafiza Mohd Shariff

2021, Vol 546, pp. 420-435
Author(s): Suyeon Yoo, Sungjin Kim, Seungjae Kim, Brent Byunghoon Kang

2020, Vol 2020, pp. 1-13
Author(s): Xiali Wang, Xiang Lu

The Internet of Things (IoT) is rapidly spreading in various application scenarios through its salient features in ubiquitous device connections, ranging from agriculture and industry to transportation and other fields. With the increasing spread of IoT applications, IoT security is gradually becoming one of the most significant issues in guarding IoT devices against various cybersecurity threats. Usually, IoT devices are the main components responsible for sensing, computing, and transmitting; in this case, how to efficiently protect the IoT device itself from cyber attacks, like malware, viruses, and worms, becomes the vital point in IoT security. This paper presents a brand new architecture of intrusion detection system (IDS) for IoT devices, which is designed to identify device- or host-oriented attacks in a lightweight manner in consideration of the limited computation resources on IoT devices. To this end, in this paper, we propose a stacking model to couple the Extreme Gradient Boosting (XGBoost) model and the Long Short-Term Memory (LSTM) model together for abnormal state analysis on the IoT devices. More specifically, we adopt the system call sequence as the indicator of abnormal behaviors. The collected system call sequences are first processed by the famous n-gram model, which is a common method used for host-based intrusion detection. Then, the proposed stacking model is used to identify abnormal behaviors hidden in the system call sequences. To evaluate the performance of the proposed model, we establish a real-setting IP camera system and place several typical IoT attacks on the victim IP camera. Extensive experimental evaluations show that the stacking model has outperformed other existing anomaly detection solutions, and we are able to achieve a 0.983 AUC score on real-world data. Numerical testing demonstrates that the XGBoost-LSTM stacking model has excellent performance, stability, and generalization ability.


2019, Vol 2019, pp. 1-11
Author(s): Yuntao Zhao, Chunyu Xu, Bo Bo, Yongxin Feng

The increasing sophistication of malware variants such as encryption, polymorphism, and obfuscation calls for new detection and classification technology. In this paper, MalDeep, a novel malware classification framework of deep learning based on texture visualization, is proposed against malicious variants. Through code mapping, texture partitioning, and texture extracting, we can study malware classification in a new feature space of image texture representation without decryption and disassembly. Furthermore, we built a malware classifier on a convolutional neural network with two convolutional layers, two downsampling layers, and many full connection layers. We adopt the dataset from the Microsoft Malware Classification Challenge, including 9 categories of malware families and 10868 variant samples, to train the model. The experiment results show that the established MalDeep has a higher accuracy rate for malware classification. In particular, for some backdoor families, the classification accuracy of the model reaches over 99%. Moreover, compared with other main antivirus software, MalDeep also outperforms others in the average accuracy for the variants from different families.

