Abstract
In recent years the world has become increasingly data-driven, and this has been accompanied by a rise in malware attacks. Malware is a harmful program that can steal or delete a user’s sensitive data, monitor the user’s activity, or seize control of the user’s computer. Early detection of such programs, using the binary data present in each computer file, is essential. The ability to convert a binary file into an image representation has opened the door to deep learning-based approaches. Traditional approaches use large convolutional neural network architectures such as ResNet and VGG-16 to solve this problem. Though these techniques are effective, they take a relatively long time to detect malware from these images, which cannot be afforded in such time-sensitive tasks. In this paper, we propose an ensemble-based approach using a relatively shallow convolutional neural network architecture boosted using the lazy unsupervised learning technique of K nearest neighbors. We tested this model on the publicly available Malimg dataset, which contains 9339 binary file image representation samples belonging to 25 malware families. Though this combination is less complex than traditional approaches, it achieved a better accuracy of 99.63% on such a seemingly complex task. It also displayed notable advantages of faster training, faster prediction, and improved performance on classes with less data, which shows bright scope for building an adaptable stochastic malware detection framework, a much-needed system in the cybersecurity domain.
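The following added example (not the authors' code) sketches two pieces of the pipeline the abstract describes: laying a file's bytes out as a grayscale image, and a K-nearest-neighbours vote over fixed-length features. The image width of 16, the average-pooling step standing in for the CNN's learned features, the function names and the two constructed sample "families" are all assumptions made for illustration.

```python
import math
import random
from collections import Counter

def bytes_to_image(data: bytes, width: int = 16) -> list:
    """Lay the file's bytes out row by row as 8-bit grayscale pixels."""
    if not data:
        raise ValueError("empty file")
    padded = data + b"\x00" * (-len(data) % width)  # zero-pad the last row
    return [list(padded[i:i + width]) for i in range(0, len(padded), width)]

def pooled_features(img: list, grid: int = 4) -> list:
    """Average-pool to grid x grid cells so files of any size give a
    fixed-length vector (assumed stand-in for learned CNN features)."""
    h, w = len(img), len(img[0])
    feats = []
    for gy in range(grid):
        for gx in range(grid):
            y0, x0 = gy * h // grid, gx * w // grid
            y1 = max((gy + 1) * h // grid, y0 + 1)
            x1 = max((gx + 1) * w // grid, x0 + 1)
            cell = [img[y][x] for y in range(y0, min(y1, h))
                    for x in range(x0, min(x1, w))]
            feats.append(sum(cell) / len(cell) / 255.0)
    return feats

def knn_predict(train, x, k=3):
    """Majority label among the k training vectors closest to x."""
    nearest = sorted(train, key=lambda s: math.dist(s[0], x))[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]

def make_sample(family, seed):
    """Constructed 256-byte 'binary': family A is dense bytes followed by
    zero padding, family B the reverse. Not real malware data."""
    dense = bytes(random.Random(seed).randrange(128, 256) for _ in range(128))
    return dense + bytes(128) if family == "A" else bytes(128) + dense

# Constructed training set: three samples per family.
TRAIN = [(pooled_features(bytes_to_image(make_sample(f, s))), f)
         for f in ("A", "B") for s in range(3)]

def classify(data, k=3):
    """Image conversion, pooling, then the nearest-neighbour vote."""
    return knn_predict(TRAIN, pooled_features(bytes_to_image(data)), k)

if __name__ == "__main__":
    print(classify(make_sample("A", 99)), classify(make_sample("B", 99)))
```

Because KNN stores its training vectors rather than fitting weights, a new family can be added by appending labelled vectors to `TRAIN`, which is the kind of adaptability the abstract points to.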
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Mane, D.T., Kumbharkar, P.B., Javheri, S.B., Moorthy, R. (2022). An Adaptable Ensemble Architecture for Malware Detection. In: Khanna, A., Gupta, D., Bhattacharyya, S., Hassanien, A.E., Anand, S., Jaiswal, A. (eds) International Conference on Innovative Computing and Communications. Advances in Intelligent Systems and Computing, vol 1394. Springer, Singapore. https://doi.org/10.1007/978-981-16-3071-2_53
DOI: https://doi.org/10.1007/978-981-16-3071-2_53
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-3070-5
Online ISBN: 978-981-16-3071-2
eBook Packages: Intelligent Technologies and Robotics (R0)