W. Aditya, Girinoto, R. B. Hadiprakoso, Adam Waluyo
2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS), published 2021-10-28. DOI: 10.1109/ICIMCIS53775.2021.9699248 (https://doi.org/10.1109/ICIMCIS53775.2021.9699248)
Deep Learning for Malware Classification Platform using Windows API Call Sequence
Malware attacks and the growth of new types of malware are matters for government and industry departments to consider. The growing variety of malware attacks calls for preventative measures that use deep learning for malware analysis to minimize the impact of those attacks. In this case, the task of the cyber-attack detection team of the National Cybersecurity and Encryption Agency Threat Detection Agency is to perform malware analysis. This research implemented malware detection and classification using a deep learning model that leverages a sequence of API calls. The learning model is built with two different recurrent neural network architectures, LSTM and GRU, for comparison. The architecture comparison shows that LSTM is better than GRU. The test results show that the accuracy rates of the learning model using the LSTM architecture in binary classification and multi-class classification are 97.3% and 56.05%, respectively. In this study, we aim to build a classification platform that classifies malware using the classification model that has been made, and to enhance the dataset by merging and updating it with new data. Testing of the classification model showed that 146 samples were correctly predicted, with an accuracy rate of 96.8%.