Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning
Malware is a key component of cyber-crime, and its analysis is the first line of defence against cyber-attack. This study proposes two new malware classification frameworks: Deep Feature Space-based Malware classification (DFS-MC) and Deep Boosted Feature Space-based Malware classification (DBFS-MC)...
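Main authors: | Muhammad Asam, Shaik Javeed Hussain, Mohammed Mohatram, Saddam Hussain Khan, Tauseef Jamal, Amad Zafar, Asifullah Khan, Muhammad Umair Ali, Umme Zahoora |
---|---|
Format: | article |
Language: | EN |
Published: | MDPI AG, 2021 |
Subjects: | |
Online access: | https://doaj.org/article/ea324eb47c8b4fd393023f7427e76be3 |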
id |
oai:doaj.org-article:ea324eb47c8b4fd393023f7427e76be3 |
---|---|
record_format |
dspace |
spelling |
oai:doaj.org-article:ea324eb47c8b4fd393023f7427e76be3
2021-11-11T15:24:37Z
Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning
10.3390/app112110464
2076-3417
https://doaj.org/article/ea324eb47c8b4fd393023f7427e76be3
2021-11-01T00:00:00Z
https://www.mdpi.com/2076-3417/11/21/10464
https://doaj.org/toc/2076-3417
Malware is a key component of cyber-crime, and its analysis is the first line of defence against cyber-attack. This study proposes two new malware classification frameworks: Deep Feature Space-based Malware classification (DFS-MC) and Deep Boosted Feature Space-based Malware classification (DBFS-MC). In the proposed DFS-MC framework, deep features are generated from the customized CNN architectures and are fed to a support vector machine (SVM) algorithm for malware classification, while, in the DBFS-MC framework, the discrimination power is enhanced by first combining deep feature spaces of two customized CNN architectures to achieve boosted feature spaces. Further, the detection of exceptional malware is performed by providing the deep boosted feature space to SVM. The performance of the proposed malware classification frameworks is evaluated on the MalImg malware dataset using the hold-out cross-validation technique. Malware variants like Autorun.K, Swizzor.gen!I, Wintrim.BX and Yuner.A are hard to classify correctly due to the minor inter-class differences in their features. The proposed DBFS-MC improved performance for these difficult-to-discriminate malware classes using the idea of feature boosting generated through customized CNNs. The proposed classification framework DBFS-MC showed good results in terms of accuracy: 98.61%, F-score: 0.96, precision: 0.96, and recall: 0.96 on stringent test data, using 40% unseen data.
Muhammad Asam; Shaik Javeed Hussain; Mohammed Mohatram; Saddam Hussain Khan; Tauseef Jamal; Amad Zafar; Asifullah Khan; Muhammad Umair Ali; Umme Zahoora
MDPI AG
article
malware classification; detection; deep learning; deep features; convolutional neural networks; transfer learning; Technology; T; Engineering (General). Civil engineering (General); TA1-2040; Biology (General); QH301-705.5; Physics; QC1-999; Chemistry; QD1-999
EN
Applied Sciences, Vol 11, Iss 10464, p 10464 (2021) |
institution |
DOAJ |
collection |
DOAJ |
language |
EN |
topic |
malware classification; detection; deep learning; deep features; convolutional neural networks; transfer learning; Technology; T; Engineering (General). Civil engineering (General); TA1-2040; Biology (General); QH301-705.5; Physics; QC1-999; Chemistry; QD1-999 |
spellingShingle |
malware classification; detection; deep learning; deep features; convolutional neural networks; transfer learning; Technology; T; Engineering (General). Civil engineering (General); TA1-2040; Biology (General); QH301-705.5; Physics; QC1-999; Chemistry; QD1-999; Muhammad Asam; Shaik Javeed Hussain; Mohammed Mohatram; Saddam Hussain Khan; Tauseef Jamal; Amad Zafar; Asifullah Khan; Muhammad Umair Ali; Umme Zahoora; Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning |
description |
Malware is a key component of cyber-crime, and its analysis is the first line of defence against cyber-attack. This study proposes two new malware classification frameworks: Deep Feature Space-based Malware classification (DFS-MC) and Deep Boosted Feature Space-based Malware classification (DBFS-MC). In the proposed DFS-MC framework, deep features are generated from the customized CNN architectures and are fed to a support vector machine (SVM) algorithm for malware classification, while, in the DBFS-MC framework, the discrimination power is enhanced by first combining deep feature spaces of two customized CNN architectures to achieve boosted feature spaces. Further, the detection of exceptional malware is performed by providing the deep boosted feature space to SVM. The performance of the proposed malware classification frameworks is evaluated on the MalImg malware dataset using the hold-out cross-validation technique. Malware variants like Autorun.K, Swizzor.gen!I, Wintrim.BX and Yuner.A are hard to classify correctly due to the minor inter-class differences in their features. The proposed DBFS-MC improved performance for these difficult-to-discriminate malware classes using the idea of feature boosting generated through customized CNNs. The proposed classification framework DBFS-MC showed good results in terms of accuracy: 98.61%, F-score: 0.96, precision: 0.96, and recall: 0.96 on stringent test data, using 40% unseen data. |
format |
article |
author |
Muhammad Asam; Shaik Javeed Hussain; Mohammed Mohatram; Saddam Hussain Khan; Tauseef Jamal; Amad Zafar; Asifullah Khan; Muhammad Umair Ali; Umme Zahoora |
author_facet |
Muhammad Asam; Shaik Javeed Hussain; Mohammed Mohatram; Saddam Hussain Khan; Tauseef Jamal; Amad Zafar; Asifullah Khan; Muhammad Umair Ali; Umme Zahoora |
author_sort |
Muhammad Asam |
title |
Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning |
title_short |
Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning |
title_full |
Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning |
title_fullStr |
Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning |
title_full_unstemmed |
Detection of Exceptional Malware Variants Using Deep Boosted Feature Spaces and Machine Learning |
title_sort |
detection of exceptional malware variants using deep boosted feature spaces and machine learning |
publisher |
MDPI AG |
publishDate |
2021 |
url |
https://doaj.org/article/ea324eb47c8b4fd393023f7427e76be3 |
work_keys_str_mv |
AT muhammadasam detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT shaikjaveedhussain detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT mohammedmohatram detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT saddamhussainkhan detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT tauseefjamal detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT amadzafar detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT asifullahkhan detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT muhammadumairali detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning AT ummezahoora detectionofexceptionalmalwarevariantsusingdeepboostedfeaturespacesandmachinelearning |
_version_ |
1718435402361077760 |