{"title":"基于图像的恶意软件分类迁移学习和攻击算法","authors":"Pr.Nasserdine Bouchaib, M. Bouhorma","doi":"10.1145/3454127.3457631","DOIUrl":null,"url":null,"abstract":"In recent years, the volume and type of malware is growing, which increases the need of improving a detection and classification malware systems. Nowadays, deep convolutional neural networks (CNNs) have recently proven to be very successful for malware classification due to their performance on images classification. However, their effectiveness is degraded with the unbalanced malware families. In this paper, we propose a malware classification framework using CNN-based deep learning architecture, including a SMOTE technique \"Synthetic Minority Oversampling Technique\" to balance the dataset (malwares families). Our proposed method consists to converting the binary files into gray scale images and balancing them by the SMOTE method, and then we use them to train the CNN architecture to detect and identify malware families. We use the Transfer Learning technique based on an existing Deep Learning model VGG16 that has previously trained with the ImageNet dataset (≥ 10 million). For evaluations, an extensive experiment was conducted using Microsoft Malware dataset. The Results show that our approach is efficient with an average accuracy of 98%.","PeriodicalId":432206,"journal":{"name":"Proceedings of the 4th International Conference on Networking, Information Systems & Security","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"TRANSFER LEARNING AND SMOTE ALGORITHM FOR IMAGE-BASED MALWARE CLASSIFICATION\",\"authors\":\"Pr.Nasserdine Bouchaib, M. Bouhorma\",\"doi\":\"10.1145/3454127.3457631\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, the volume and type of malware is growing, which increases the need of improving a detection and classification malware systems. Nowadays, deep convolutional neural networks (CNNs) have recently proven to be very successful for malware classification due to their performance on images classification. However, their effectiveness is degraded with the unbalanced malware families. In this paper, we propose a malware classification framework using CNN-based deep learning architecture, including a SMOTE technique \\\"Synthetic Minority Oversampling Technique\\\" to balance the dataset (malwares families). Our proposed method consists to converting the binary files into gray scale images and balancing them by the SMOTE method, and then we use them to train the CNN architecture to detect and identify malware families. We use the Transfer Learning technique based on an existing Deep Learning model VGG16 that has previously trained with the ImageNet dataset (≥ 10 million). For evaluations, an extensive experiment was conducted using Microsoft Malware dataset. The Results show that our approach is efficient with an average accuracy of 98%.\",\"PeriodicalId\":432206,\"journal\":{\"name\":\"Proceedings of the 4th International Conference on Networking, Information Systems & Security\",\"volume\":\"42 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 4th International Conference on Networking, Information Systems & Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3454127.3457631\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 4th International Conference on Networking, Information Systems & Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3454127.3457631","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
TRANSFER LEARNING AND SMOTE ALGORITHM FOR IMAGE-BASED MALWARE CLASSIFICATION
In recent years, the volume and type of malware is growing, which increases the need of improving a detection and classification malware systems. Nowadays, deep convolutional neural networks (CNNs) have recently proven to be very successful for malware classification due to their performance on images classification. However, their effectiveness is degraded with the unbalanced malware families. In this paper, we propose a malware classification framework using CNN-based deep learning architecture, including a SMOTE technique "Synthetic Minority Oversampling Technique" to balance the dataset (malwares families). Our proposed method consists to converting the binary files into gray scale images and balancing them by the SMOTE method, and then we use them to train the CNN architecture to detect and identify malware families. We use the Transfer Learning technique based on an existing Deep Learning model VGG16 that has previously trained with the ImageNet dataset (≥ 10 million). For evaluations, an extensive experiment was conducted using Microsoft Malware dataset. The Results show that our approach is efficient with an average accuracy of 98%.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
