MDFRCNN: Malware Detection using Faster Region Proposals Convolution Neural Network.
DOI:
https://doi.org/10.9781/ijimai.2021.09.005
Keywords:
Malware, Convolutional Neural Network (CNN), Faster RCNN (F-RCNN), Classification, Malware Static, Dynamic Analysis
Abstract
Technological advancement of smart devices has opened up a new trend: Internet of Everything (IoE), where all devices are connected to the web. Large scale networking benefits the community by increasing connectivity and giving control of physical devices. On the other hand, there exists an increased ‘Threat’ of an ‘Attack’. Attackers are targeting these devices, as they may provide an easier ‘backdoor entry to the users’ network’. MALicious softWARE (MalWare) is a major threat to user security. Fast and accurate detection of malware attacks is the sine qua non of IoE, where large scale networking is involved. The paper proposes use of a visualization technique where the disassembled malware code is converted into gray images, as well as use of Image Similarity based Statistical Parameters (ISSP) such as Normalized Cross correlation (NCC), Average difference (AD), Maximum difference (MaxD), Singular Structural Similarity Index Module (SSIM), Laplacian Mean Square Error (LMSE), MSE and PSNR. A vector consisting of the gray image with statistical parameters is trained using a Faster Region proposals Convolution Neural Network (F-RCNN) classifier. The experiment results are promising as the proposed method includes ISSP with F-RCNN training. Overall training time of learning the semantics of higher-level malicious behaviors is less. Identification of malware (testing phase) is also performed in less time. The fusion of image and statistical parameters enhances system performance with greater accuracy. The benchmark database from the Microsoft Malware Classification challenge, which is available on the Kaggle website, has been used to analyze system performance. An overall average classification accuracy of 98.12% is achieved by the proposed method.
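The feature construction the abstract describes (bytes laid out as a gray image, then image-similarity statistics against a reference image) can be sketched as follows; this is an added example, not code from the paper. It assumes one byte per pixel, a fixed row width, the standard full-reference definitions of each metric, and a single-window (global) SSIM, since the paper's exact formulas and image dimensions are not given on this page; all function names and sample bytes are constructed for illustration.

```python
import math

def bytes_to_gray(data: bytes, width: int = 16) -> list:
    """Row-major layout: one byte = one 8-bit gray pixel; last row zero-padded."""
    if width <= 0:
        raise ValueError("width must be positive")
    rows = max(1, -(-len(data) // width))          # ceiling division
    padded = data + bytes(rows * width - len(data))
    return [list(padded[r * width:(r + 1) * width]) for r in range(rows)]

def _laplacian(img: list) -> list:
    """4-neighbour Laplacian, evaluated on interior pixels only."""
    h, w = len(img), len(img[0])
    return [img[i - 1][j] + img[i + 1][j] + img[i][j - 1] + img[i][j + 1]
            - 4 * img[i][j]
            for i in range(1, h - 1) for j in range(1, w - 1)]

def issp_vector(ref: list, test: list) -> dict:
    """Similarity statistics of `test` against `ref` (same-shape gray images)."""
    if len(ref) != len(test) or any(len(a) != len(b) for a, b in zip(ref, test)):
        raise ValueError("images must have the same shape")
    x = [p for row in ref for p in row]
    y = [p for row in test for p in row]
    n = len(x)
    diff = [a - b for a, b in zip(x, y)]

    mse = sum(d * d for d in diff) / n
    psnr = math.inf if mse == 0 else 10 * math.log10(255 ** 2 / mse)
    energy = sum(a * a for a in x)
    ncc = sum(a * b for a, b in zip(x, y)) / energy if energy else math.nan
    ad = sum(diff) / n
    maxd = max(abs(d) for d in diff)

    # LMSE: squared Laplacian difference normalised by the reference's
    # Laplacian energy. Images with no interior pixels yield 0.0.
    lx, ly = _laplacian(ref), _laplacian(test)
    num = sum((a - b) ** 2 for a, b in zip(lx, ly))
    den = sum(a * a for a in lx)
    lmse = num / den if den else (0.0 if num == 0 else math.inf)

    # Global SSIM: the whole image is treated as one window (assumption).
    c1, c2 = (0.01 * 255) ** 2, (0.03 * 255) ** 2
    mx, my = sum(x) / n, sum(y) / n
    vx = sum((a - mx) ** 2 for a in x) / n
    vy = sum((b - my) ** 2 for b in y) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y)) / n
    ssim = ((2 * mx * my + c1) * (2 * cov + c2)) / \
           ((mx * mx + my * my + c1) * (vx + vy + c2))

    return {"MSE": mse, "PSNR": psnr, "NCC": ncc, "AD": ad,
            "MaxD": maxd, "LMSE": lmse, "SSIM": ssim}

# Constructed sample inputs (synthetic bytes, not real binaries).
SAMPLE_A = bytes((i * 7 + 3) % 256 for i in range(64))
_variant = bytearray(SAMPLE_A)
for _pos in (10, 27, 45):                 # near-duplicate: three bytes altered
    _variant[_pos] ^= 0xFF
SAMPLE_A_VARIANT = bytes(_variant)
SAMPLE_UNRELATED = bytes((i * i) % 256 for i in range(64))

if __name__ == "__main__":
    ref = bytes_to_gray(SAMPLE_A)
    for name, blob in (("variant", SAMPLE_A_VARIANT),
                       ("unrelated", SAMPLE_UNRELATED)):
        stats = issp_vector(ref, bytes_to_gray(blob))
        print(name, {k: round(v, 4) for k, v in stats.items()})
```

In a pipeline like the one the abstract outlines, a vector of this kind would be attached to the gray image before classifier training; how the paper selects the reference image is not stated on this page.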
Ding, Y.; Chen, S.; Xu, J., “Application of Deep Belief Networks for opcode based malware detection”, In Proceedings of the 2016 International Joint Conference on Neural Networks (IJCNN), Vancouver, BC, Canada, pp. 3901–3908, 2016.
J. Upchurch, X. Zhou, “Variant: a malware similarity testing framework”, in: 2015 10th International Conference on Malicious and Unwanted Software (MALWARE), IEEE, pp. 31-39, 2015.
Pascanu, R.; Stokes, J.W.; Sanossian, H.; Marinescu, M.; Thomas, “A. Malware classification with recurrent networks”, In Proceedings of the 2015 IEEE International Conference Acoustics, Speech and Signal Process, (ICASSP), Brisbane, Australia, pp. 1916–1920,2015.
Shibahara, T.; Yagi, T.; Akiyama, M.; Chiba, D.; Yada, T. “Efficient dynamic malware analysis based on network behavior using deep learning”, In Proceedings of the 2016 IEEE Global Communications Conference (GLOBECOM), Washington, DC, USA, pp. 1–7, 2016.
Woodbridge, J.; Anderson, H.S.; Ahuja, A.; Grant, D., “Predicting domain generation algorithms with long short-term memory networks”, arXiv2016, arXiv:1611.00791, 2016.
Lison, P.; Mavroeidis, V., “Automatic Detection of Malware-Generated Domains with Recurrent Neural Models”, arXiv2017, arXiv:1709.07102, 2017.
Tran, D.; Mac, H.; Tong, V.; Tran, H.A.; Nguyen, L.G., “A LSTM based framework for handling multiclass imbalance in DGA botnet detection”, Neurocomputing, pp 2401–2413, 2018.
Torres, P.; Catania, C.; Garcia, S.; Garino, C.G., “An Analysis of Recurrent Neural Networks for Botnet Detection Behavior”, In Proceedings of the 2016 IEEE Biennial Congress of Argentina (ARGENCON), Buenos Aires, Argentina, pp. 1–6, 2016.
Kim, J. Kim, J.; Thu, H.L.T.; Kim, H. “Long Short Term Memory Recurrent Neural Network Classifier for Intrusion Detection”, In Proceedings of the 2016 International Conference Platform Technology and Service (PlatCon), Jeju, Korea, pp. 1–5, 2016.
Kim, J.; Kim, H. “Applying recurrent neural network to intrusion detection with hessian free optimization”, In Proceedings of the International Conference on Information Security Applications, Jeju Island, Korea, pp. 357–369,2015.
Kim, G.; Yi, H.; Lee, J.; Paek, Y.; Yoon, S., “LSTM-Based System-Call Language Modeling and Robust Ensemble Method for Designing Host-Based Intrusion Detection Systems”, arXiv2016, arXiv:1611.01726, 2016.
Loukas, G. Vuong, T. Heartfield, R.; Sakellari, G. Yoon, Y. Gan, D. “Cloud-based cyber-physical intrusion detection for vehicles using Deep Learning”, IEEE Access, vol. 6, pp. 3491–3508, 2018.
Cheng, M. Xu, Q. Lv, J. Liu, W. Li, Q. Wang, J., “MS-LSTM: A multi-scale LSTM model for BGP anomaly detection”, In Proceedings of the IEEE 24th International Conference Network Protocols (ICNP), Singapore, pp. 1–6,2016.
Kobojek, P.; Saeed, K., “Application of recurrent neural networks for user verification based on keystroke dynamic”, J. Telecommun. Inf. Technol., pp. 80–90., 2016.
McDermott, C.D. Majdani, F. Petrovski, A., “Botnet detection in the internet of things using deep learning approaches”, In Proceedings of the 2018 International Joint Conference on Neural Networks (IJCNN), Rio de Janeiro, Brazil, pp. 1–8, 2018.
Krishnan, R.B.; Raajan, N.R., “An intellectual intrusion detection system model for attacks classification using RNN” Int. J. Pharm. Technol. Pp. 23157–23164, 2016.
Staudemeyer, R.C., “Applying long short-term memory recurrent neural networks to intrusion detection”, S. Afr. Comput. J., pp. 136–154, 2015.
R. Girshick., “Fast R-CNN”, arXiv:1504.08083, 2015.
D. Baysa, R. Low, and M. Stamp., “Structural entropy and metamorphic malware”, Journal of Computer Virology and Hacking Techniques, vol. 9, no. 4, pp. 179–192, 2013.
R. Lyda and J. Hamrock., “Using entropy analysis to find encrypted and packed malware”, IEEE Security and Privacy, vol. 5, no. 2, pp. 40–45,2007.
L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath. “Malware images: Visualization and automatic classification”, In Proceedings of the 8th International Symposium on Visualization for Cyber Security, VizSec ’11, pages 4:1–4:7, New York, NY, USA, ACM, 2011.
Zhang, Jixin & Qin, Zheng & Yin, Hui & Ou, Lu & Hu, Yupeng., “IRMD: Malware Variant Detection Using Opcode ImageRecognition”, pp. 1175-1180, 2016.
Mahotasfeatures, http://mahotas.readthedocs.org/en/latest/features.html, 2015.
A. Moser, C. Kruegel, and E. Kirda., “Limits of static analysis for malware detection”, In Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual, pp. 421–430, 2007.
D. Bilar., “Statistical structures: Finger printing malware for classification and analysis”, InBlackhat, 2006.
B. Biggio, I. Corona, D. Maiorca, B. Nelson, N. A ̆arndi ̈ A ̆G, P. Laskov, G. Giacinto, and F. Roli., “Evasion attacks against machine learning at test time”, In H. Blockeel, K. Kersting, S. Nijssen, and F. A¡elezn A¡, editors, Machine Learning and Knowledge Discovery in Databases, volume 8190 of Lecture Notes in Computer Science, pages 387–402, Springer Berlin Heidelberg, 2013.
M. Christodorescu, S. Jha, S. Seshia, D. Song, and R. Bryant. “Semantic-saware malware detection”, In Security and Privacy, 2005 IEEE Symposium on, pp. 32–46, 2005.
B. B. Rao and K. Swathi, “Fast kNN classifiers for network intrusion detection system”, Indian J. Sci. Technol., vol. 10, no. 14, pp. 1-10, 2017.
H. Shapoorifard and P. Shamsinejad, “Intrusion detection using a novel hybrid method incorporating an improved KNN”, Int. J. Comput. Appl., vol. 173, no. 1, pp. 5-9, 2017.
S. Vishwakarma, V. Sharma, and A. Tiwari, “An intrusion detection system using KNN-ACO algorithm”, Int. J. Comput. Appl., vol. 171, no. 10, pp. 18-23, 2017.
E. G. Dada, “A hybridized SVM-kNN-pdAPSO approach to intrusion detection system”, in Proc. Fac. Seminar Ser., pp. 14-21,2017.
B. Ingre, A. Yadav, and A. K. Soni, ``Decision tree based intrusion detection system for NSL-KDD dataset,’’ in Proc. Int. Conf. Inf. Commun. Technol. Intell. Syst., pp. 207-218,2017.
A. J. Malik and F. A. Khan, “A hybrid technique using binary particle swarm optimization and decision tree pruning for network intrusion detection”, Clust. Comput., vol. 2, no. 3, pp. 1-14, Jul. 2017.
D. Moon, H. Im, I. Kim, and J. H. Park, “DTB-IDS: An intrusion detection system based on decision tree using behavior analysis for preventing APT attacks”, J. Supercomput., vol. 73, no. 7, pp. 2881-2895, 2017.
G. Zhao, C. Zhang, and L. Zheng, “Intrusion detection using deep belief network and probabilistic neural network”, in Proc. IEEE Int. Conf. Comput. Sci. Eng., vol. 1, pp. 639-642, 2017.
Q. Tan, W. Huang, and Q. Li, “An intrusion detection method based on DBN in ad hoc networks”, in Proc. Int. Conf. Wireless Commun. SensorNetw., pp. 477-485, 2016.
T.T.H. Le, J. Kim, and H. Kim, “An effective intrusion detection classifier using long short-term memory with gradient descent optimization”, pp. 1-6, 2017.
A. F. Agarap., “A neural network architecture combining gated recurrent unit (GRU) and support vector machine (SVM) for intrusion detection in network traffic data.’’ [Online], Available: https://arxiv.org/abs/1709.03082, 2017.
J. Saxe and K. Berlin., “eXpose: A character-level convolutional neural network with embeddings for detecting malicious urls, file paths and registry keys., [Online]. Available: https://arxiv.org/abs/1702.08568, 2017.
Ren, Shaoqing, “Faster R-CNN: Towards Real-Time Object Detection with Region Proposal Networks”, IEEE Transactions on Pattern Analysis and Machine Intelligence 39, pp.1137-114, 2015.