Open Access Journal Article

Ensemble-Based Classification Using Neural Networks and Machine Learning Models for Windows PE Malware Detection

TLDR
An ensemble classification-based methodology for malware detection is proposed, with the best performance achieved by an ensemble of five dense and CNN neural networks, and the ExtraTrees classifier as a meta-learner.
Abstract
The security of information is among the greatest challenges facing organizations and institutions. Cybercrime has risen in frequency and magnitude in recent years, with new ways to steal, change and destroy information or disable information systems appearing every day. Malware is one of the means of penetrating information systems where confidential information is processed. An attacker injects malware into a computer system and thereby gains full or partial access to critical information in the information system. This paper proposes an ensemble classification-based methodology for malware detection. The first-stage classification is performed by a stacked ensemble of dense (fully connected) and convolutional neural networks (CNN), while the final-stage classification is performed by a meta-learner. For the meta-learner, we explore and compare 14 classifiers. For a baseline comparison, 13 machine learning methods are used: K-Nearest Neighbors, Linear Support Vector Machine (SVM), Radial basis function (RBF) SVM, Random Forest, AdaBoost, Decision Tree, ExtraTrees, Linear Discriminant Analysis, Logistic, Neural Net, Passive Classifier, Ridge Classifier and Stochastic Gradient Descent classifier. We present the results of experiments performed on the Classification of Malware with PE headers (ClaMP) dataset. The best performance is achieved by an ensemble of five dense and CNN neural networks, and the ExtraTrees classifier as a meta-learner.


Citations
Journal Article

An Efficient DenseNet-Based Deep Learning Model for Malware Detection.

TL;DR: Wang et al. as mentioned in this paper used a reweighted class-balanced loss function in the final classification layer of the DenseNet model to achieve significant performance improvements in classifying malware by handling imbalanced data issues.
Journal Article

Image-Based Malware Classification Using VGG19 Network and Spatial Convolutional Attention

TL;DR: In this article, a spatial attention and convolutional neural network (SACNN) based on deep learning framework was proposed for image-based classification of 25 well-known malware families with and without class balancing.
Journal Article

Threat Analysis and Distributed Denial of Service (DDoS) Attack Recognition in the Internet of Things (IoT)

TL;DR: In this article, the authors used an autoencoder network model and an improved genetic algorithm to detect DDoS attacks in the Internet of Things (IoT), which achieved a 98.98% detection rate and 99.29% accuracy with minimal processing complexity.
Journal Article

Feature Selection and Ensemble-Based Intrusion Detection System: An Efficient and Comprehensive Approach

Ebrima Jaw, +1 more - 22 Sep 2021
TL;DR: This paper presents an ensemble classifier that uses K-means, One-Class SVM, DBSCAN, and Expectation-Maximization, abbreviated KODE, as an enhanced classifier that consistently classifies the asymmetric probability distributions between malicious and normal instances.
Journal Article

An intelligent cognitive computing based intrusion detection for industrial cyber-physical systems

TL;DR: In this article, a novel cognitive computing based IDS technique to achieve security in industrial Cyber-Physical Systems (CPSs) is presented, which involves different stages of operations such as data acquisition, preprocessing, feature selection, classification, and parameter optimization.
References
Proceedings Article

Adam: A Method for Stochastic Optimization

TL;DR: This work introduces Adam, an algorithm for first-order gradient-based optimization of stochastic objective functions, based on adaptive estimates of lower-order moments, and provides a regret bound on the convergence rate that is comparable to the best known results under the online convex optimization framework.
Journal Article

Dropout: a simple way to prevent neural networks from overfitting

TL;DR: It is shown that dropout improves the performance of neural networks on supervised learning tasks in vision, speech recognition, document classification and computational biology, obtaining state-of-the-art results on many benchmark data sets.
Proceedings Article

Adaptive Subgradient Methods for Online Learning and Stochastic Optimization.

TL;DR: Adaptive subgradient methods as discussed by the authors dynamically incorporate knowledge of the geometry of the data observed in earlier iterations to perform more informative gradient-based learning, which allows us to find needles in haystacks in the form of very predictive but rarely seen features.
Journal Article

Adaptive Subgradient Methods for Online Learning and Stochastic Optimization

TL;DR: This work describes and analyzes an apparatus for adaptively modifying the proximal function, which significantly simplifies setting a learning rate and results in regret guarantees that are provably as good as the best proximal functions that can be chosen in hindsight.
Journal Article

Extremely randomized trees

TL;DR: A new tree-based ensemble method for supervised classification and regression problems that consists of randomizing strongly both attribute and cut-point choice while splitting a tree node and builds totally randomized trees whose structures are independent of the output values of the learning sample.