Benchmarking Convolutional and Recurrent Neural Networks for Malware Classification

Document Type

Article

Publication Date

6-24-2019

Subject: LCSH

Malware (Computer software), Neural networks (Computer science), Deep learning (Machine learning), Computer security

Disciplines

Computer Engineering | Computer Sciences | Electrical and Computer Engineering

Abstract

Malware detection and classification are attracting more research nowadays due to the increasing number of malware and ransomware instances targeting financial, educational and industrial systems. In artificial intelligence, we witness a resurgence of neural networks against the symbolic school which is manifested by many breakthroughs in gaming, image recognition and natural language processing under the umbrella term of deep learning. Researchers are evaluating deep learning algorithms for static and behavioral malware analysis. In this paper, we benchmark deep learning architectures composed of recurrent and convolutional neural networks. We report results on different techniques such as Long Short Term Memory (LSTM), Gated Recurrent Units (GRU), and one-dimensional Convolutional Neural Networks (1DCNN). We develop an automatic feature extraction component and a hybrid CNN/RNN classification model. We validate our model using the Microsoft Malware Classification Challenge (BIG 2015). Our results show comparable accuracy to approaches requiring manual and thorough feature engineering.

Comments

Article originally published in the 15th International Wireless Communications & Mobile Computing Conference (IWCMC), 2019.

University of New Haven community members can access the full-text here.

DOI

10.1109/IWCMC.2019.8766515

Publisher Citation

H. Safa, M. Nassar and W. A. Rahal Al Orabi, "Benchmarking Convolutional and Recurrent Neural Networks for Malware Classification," 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC), 2019, pp. 561-566, doi: 10.1109/IWCMC.2019.8766515.

Check your library

Share

COinS