Detail publikace

Obfuscated malware detection using dilated convolutional network

MEZINA, A. BURGET, R.

Originální název

Obfuscated malware detection using dilated convolutional network

Typ

článek ve sborníku ve WoS nebo Scopus

Jazyk

angličtina

Originální abstrakt

Nowadays, information security is a critical field of research since information technologies develop rapidly. Consequently, the possible attacks are also evolving. One of the problems is malware detection. There is no doubt that many antivirus software can catch most cases. However, it is important to remember that such software is one step behind the malware. Here we introduce artificial intelligence that can help to detect obfuscated malware in memory. Modern architectures of a neural network can detect even unknown malware and distinguish whether there is something malicious or not. This paper deals with the problem of the detection of obfuscated malware in memory. Most existing approaches use custom datasets or Microsoft Malware Classification Challenge dataset (BIG2015). However, we applied the latest dataset CIC-MalMem-2022, which reflects the current state of technologies. This dataset contains samples with benign and malware cases. Additionally, the authors provided the family and type of malware, so it is possible to perform advanced experiments. This paper provides techniques for the detection and classification of malware from given memory information. Firstly, the traditional machine learning methods are tested with optimisation techniques; secondly, the dilated convolutional network is proposed. According to the results, the detection by all methods has an accuracy of 0.99. However, the most accurate is a random forest. On the other hand, the proposed neural network architecture is the best for classifying the malware family and has achieved an accuracy of 0.83.

Klíčová slova

machine learning, dilated convolutional network, malware detection, binary classification, multiclass classification

Autoři

MEZINA, A.; BURGET, R.

Vydáno

13. 10. 2022

Nakladatel

IEEE

Místo

Valencia, Spain

ISBN

979-8-3503-9866-3

Kniha

2022 14th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)

Strany od

110

Strany do

115

Strany počet

6

URL

https://ieeexplore.ieee.org/abstract/document/9943443

BibTex

@inproceedings{BUT180407,
  author="Anzhelika {Mezina} and Radim {Burget}",
  title="Obfuscated malware detection using dilated convolutional network",
  booktitle="2022 14th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT)",
  year="2022",
  pages="110--115",
  publisher="IEEE",
  address="Valencia, Spain",
  doi="10.1109/ICUMT57764.2022.9943443",
  isbn="979-8-3503-9866-3",
  url="https://ieeexplore.ieee.org/abstract/document/9943443"
}