SLAM: A Malware Detection Method Based on Sliding Local Attention Mechanism

The number of malware samples is increasing rapidly, posing a continuous risk to network security. Attention mechanisms have made great progress in the field of natural language processing. At the same time, many research studies are based on the API calls of malicious code, which also resemble semantic information. Applying attention mechanisms to API semantics is therefore worth studying. In this paper, we first study the characteristics of the API execution sequence and classify them into 17 categories. Second, we propose a novel feature extraction method based on the API execution sequence, according to its semantic and structural information. Third, based on the characteristics of the API data and the features of the attention mechanism, we construct SLAM, a detection framework based on a local attention mechanism and a sliding window method. Experiments show that our model achieves better performance, with a higher accuracy of 0.9723.
