Research Area:  Machine Learning
In this study we represent malware as opcode sequences and detect it using a deep belief network (DBN). Compared with traditional shallow neural networks, DBNs can use unlabeled data to pretrain a multi-layer generative model, which can better represent the characteristics of data samples. We compare the performance of DBNs with that of three baseline malware detection models, which use support vector machines, decision trees, and the k-nearest neighbor algorithm as classifiers. The experiments demonstrate that the DBN model provides more accurate detection than the baseline models. When additional unlabeled data are used for DBN pretraining, the DBNs perform better than the other detection models. We also use the DBNs as an autoencoder to extract the feature vectors of executables. The experiments indicate that the autoencoder can effectively model the underlying structure of input data and significantly reduce the dimensions of feature vectors.
Keywords:  
Malware Detection
Deep Learning Algorithm
Deep Belief Network
Machine Learning
Author(s) Name:  Ding Yuxin & Zhu Siyi
Journal name:  Neural Computing and Applications
Conference name:
Publisher name:  SPRINGER
DOI:  10.1007/s00521-017-3077-6
Volume Information:  volume 31, pages 461–472 (2019)
Paper Link:   https://link.springer.com/article/10.1007/s00521-017-3077-6