A Deep Learning Approach to the Malware Classification Problem using Autoencoders

Dhiego Ramos Pinto, J. C. Duarte, R. Sant'Ana
DOI: 10.1145/3330204.3330229 (https://doi.org/10.1145/3330204.3330229)
Published in: Proceedings of the XV Brazilian Symposium on Information Systems, 2019-05-20
Citations: 3

Abstract

Detecting malicious code or categorizing it among families has become an increasingly difficult task. Malware exploits vulnerabilities and employs sophisticated techniques to avoid detection and further classification, challenging cybersecurity teams, governments, enterprises, and the ordinary user, and causing uncountable losses annually. Traditional machine learning algorithms have been used to attack the problem, although these methods rely heavily on domain expertise to be successful. Deep learning methods depend less on feature engineering, discovering the important features directly from the raw data and recognizing patterns that humans usually cannot. This work presents a deep learning approach to malware multi-class classification based on an unsupervised pre-trained classifier, using opcode and operand frequencies as raw data and ignoring knowledge that could be acquired from any known features of the malware families. The results confirmed that the approach is successful: our best model achieved a MacroF1 of 93.14%, a competitive result compared to the best-known classifier, given that it uses less information about the malware.