A multi-level deep learning system for malware detection

Abstract: To defend against an increasing number of sophisticated malware attacks, deep-learning-based Malware Detection Systems (MDSs) have become a vital component of our economic and national security. Traditionally, researchers build a single deep learning model using the entire dataset. However, a single deep learning model may not handle increasingly complex malware data distributions effectively, since different sample subspaces, each representing a group of similar malware, may have their own data distributions. To further improve the performance of deep-learning-based MDSs, we propose a Multi-Level Deep Learning System (MLDLS) that organizes multiple deep learning models in a tree structure. The models in the tree structure of MLDLS are not built on the whole dataset. Instead, each deep learning model focuses on learning a specific data distribution for a particular group of malware, and all deep learning models in the tree work together to make a final decision. Consequently, the learning effectiveness of each deep learning model built for one cluster can be improved. Experimental results show that our proposed system performs better than the traditional approach.
