Deep Networks in Online Malware Detection

Deep learning is usually applied to static datasets. When it is used for classification on data streams, non-stationarity is not easy to take into account. This paper presents work in progress on a new method for online deep classification learning in data streams with slow or moderate drift, a setting highly relevant to the application domain of malware detection. The method combines a multilayer perceptron with a variational autoencoder and achieves constant memory consumption by encoding past data into a generative model. This can make online learning of neural networks more accessible for independent adaptive systems with limited memory. First results for real-world malware stream data are presented.
