Deep learning based Sequential model for malware analysis using Windows exe API Calls

2020 ◽  
Vol 6 ◽  
pp. e285 ◽  
Author(s):  
Ferhat Ozgur Catak ◽  
Ahmet Faruk Yazı ◽  
Ogerta Elezaj ◽  
Javed Ahmed

Malware development has seen diversity in terms of architecture and features. This advancement in the competencies of malware poses a severe threat and opens new research dimensions in malware detection. This study is focused on metamorphic malware, which is the most advanced member of the malware family. It is quite impossible for anti-virus applications using traditional signature-based methods to detect metamorphic malware, which makes it difficult to classify this type of malware accordingly. Recent research literature about malware detection and classification discusses this issue related to malware behavior. The main goal of this paper is to develop a classification method according to malware types by taking into consideration the behavior of malware. We started this research by developing a new dataset containing API calls made on the Windows operating system, which represents the behavior of malicious software. The types of malware included in the dataset are Adware, Backdoor, Downloader, Dropper, Spyware, Trojan, Virus, and Worm. The classification method used in this study is LSTM (Long Short-Term Memory), which is a widely used classification method for sequential data. The results obtained by the classifier demonstrate accuracy up to 95% with a 0.83 $F_1$-score, which is quite satisfactory. We also ran our experiments with binary and multi-class malware datasets to show the classification performance of the LSTM model. Another significant contribution of this research paper is the development of a new dataset for Windows operating systems based on API calls. To the best of our knowledge, no such dataset was available before our research. The availability of our dataset on GitHub enables the research community in the domain of malware detection to benefit from it and make further contributions to this domain.

Author(s):  
Mirnalinee T. T. ◽  
Bhuvana J. ◽  
Arul Thileeban S. ◽  
Daniel Jeswin Nallathambi ◽  
Anirudh Muthukumar

Malware analysis is an important aspect of cyber security and is a key component in securing systems from attackers. New malware signatures are being created continuously and detection techniques need to keep pace with them. The primary objective is to propose a solution which detects malicious files in real time by evaluating each file. Other objectives are to assess the threat level of the malware and recognize the family of the malicious file. Hence, to cover all the needs and to fulfill the motivation, a deep neural network is more suitable to detect and classify the malware. A convolutional neural network-based system, MalNet-D, is designed to detect the presence of malware, and subsequently, to classify the detected malware into the family to which it belongs, a variation of MalNet-D termed MalNet-C is proposed. Images of the executable files, both malign and benign, are used as input data, on which the respective MalNet is trained. This is used to detect and classify malware into families. The system achieved 93% accuracy in malware detection and 96% accuracy in malware classification.


2020 ◽  
Vol 34 (01) ◽  
pp. 1210-1217
Author(s):  
Zhaoqi Zhang ◽  
Panpan Qi ◽  
Wei Wang

Dynamic malware analysis executes the program in an isolated environment and monitors its run-time behaviour (e.g. system API calls) for malware detection. This technique has been proven to be effective against various code obfuscation techniques and newly released (“zero-day”) malware. However, existing works typically only consider the API name while ignoring the arguments, or require complex feature engineering operations and expert knowledge to process the arguments. In this paper, we propose a novel and low-cost feature extraction approach, and an effective deep neural network architecture for accurate and fast malware detection. Specifically, the feature representation approach utilizes a feature hashing trick to encode the API call arguments associated with the API name. The deep neural network architecture applies multiple Gated-CNNs (convolutional neural networks) to transform the extracted features of each API call. The outputs are further processed through a bidirectional LSTM (long short-term memory network) to learn the sequential correlation among API calls. Experiments show that our solution outperforms baselines significantly on a large real dataset. Valuable insights about feature engineering and architecture design are derived from the ablation study.


Information ◽  
2021 ◽  
Vol 12 (3) ◽  
pp. 118
Author(s):  
Vassilios Moussas ◽  
Antonios Andreatos

Malware creators generate new malicious software samples by making minor changes in previously generated code, in order to reuse malicious code, as well as to go unnoticed by signature-based antivirus software. As a result, various families of variations of the same initial code exist today. Visualization of compiled executables for malware analysis was proposed several years ago. Visualization can greatly assist malware classification and requires neither disassembly nor code execution. Moreover, new variations of known malware families are instantly detected, in contrast to traditional signature-based antivirus software. This paper addresses the problem of identifying variations of existing malware visualized as images. A new malware detection system based on a two-level Artificial Neural Network (ANN) is proposed. The classification is based on file and image features. The proposed system is tested on the ‘Malimg’ dataset consisting of the visual representation of well-known malware families. From this set some important image features are extracted. Based on these features, the ANN is trained. Then, this ANN is used to detect and classify other samples of the dataset. Malware families that cause confusion are classified by a second level of ANNs. The proposed two-level ANN method excels in simplicity, accuracy, and speed; it is easy to implement and fast to run, so it can be applied to antivirus software, smart firewalls, web applications, etc.


2021 ◽  
Vol 2 (1) ◽  
pp. 43-61
Author(s):  
Francesc Fusté-Forné ◽  
Tazim Jamal

Research on the relationship between automation services and tourism has been rapidly growing in recent years and has led to a new service landscape where the role of robots is gaining both practical and research attention. This paper builds on previous reviews and undertakes a comprehensive analysis of the research literature to discuss opportunities and challenges presented by the use of service robots in hospitality and tourism. Management and ethical issues are identified and it is noted that practical and ethical issues (roboethics) continue to lack attention. Going forward, new directions are urgently needed to inform future research and practice. Legal and ethical issues must be proactively addressed, and new research paradigms developed to explore the posthumanist and transhumanist transitions that await. In addition, closer attention to the potential of “co-creation” for addressing innovations in enhanced service experiences in hospitality and tourism is merited. Among others, responsibility, inclusiveness and collaborative human-robot design and implementation emerge as important principles to guide future research and practice in this area.


Human Affairs ◽  
2013 ◽  
Vol 23 (2) ◽  
Author(s):  
Filippo Zerilli

In the past two decades academic and research literature on “corruption” has flourished. During the same period organizations and initiatives fighting against corruption have also significantly expanded, turning “anti-corruption” into a new research subject. However, despite a few exceptions there is a division of labor between scholars who study corruption itself and those who study the global anti-corruption industry. Juxtaposing corruption’s local discourses and anti-corruption international practices, this article is an attempt to bring together these two intertwined research dimensions and explore how an ethnographic approach might contribute to framing them together. Firstly, it describes how corruption in Romania is often conceptualized and explained in terms of national heritage, something related to old and recent cultural history, including traditional folklore. Secondly, it explores how anti-corruption works in practice, focusing on international legal cooperation projects monitoring the progress and shortcomings both prior to and post Romania’s accession to the European Union. Finally, revealing the articulations of these two apparently unrelated research fields, the article argues that corruption’s local explanations and the circular logic of auditing observed within the anti-corruption industry share a common developmental ideology mirroring the crypto-colonialist structure of power relations and dependency among European nation-states emerging out of the Cold War.