Malware Classification Using Deep Boosted Learning

Malicious activities in cyberspace have gone further than simply hacking machines and spreading viruses. They have become a challenge to a nation's survival and have hence evolved into cyber warfare. Malware is a key component of cyber-crime, and its analysis is the first line of defence against attack. This work proposes a novel deep boosted hybrid learning-based malware classification framework named Deep boosted Feature Space-based Malware classification (DFS-MC). In the proposed framework, discrimination power is enhanced by fusing the feature spaces of the best-performing customized CNN architectures and classifying the fused feature space with an SVM. The discrimination capacity of the proposed classification framework is assessed by comparing it against the standard customized CNNs. The customized CNN models are implemented in two ways: with a softmax classifier and as deep hybrid learning-based malware classification. In hybrid learning, deep features are extracted from the customized CNN architectures and fed into a conventional machine learning classifier to improve classification performance. We also introduced the concept of transfer learning in a customized CNN architecture-based malware classification framework through fine-tuning. The performance of the proposed malware classification approaches is validated on the MalImg malware dataset using the hold-out cross-validation technique. Experimental comparisons were conducted using innovative customized CNNs trained from scratch and customized CNNs fine-tuned using transfer learning. The proposed classification framework DFS-MC showed improved results: accuracy 98.61%, F-score 0.96, precision 0.96, and recall 0.96.

Keywords: Malware classification, Deep learning, Transfer learning, Feature extraction, Convolutional Neural Networks, Feature Space, SVM
