Deep Learning Framework and Visualization for Malware Classification

In this paper we propose a deep learning framework for classification of malware. There has been an enormous increase in the volume of malware generated lately which represents a genuine security danger to organizations and people. So as to battle the expansion of malwares, new strategies are needed to quickly identify and classify malware. Malimg dataset, a publicly available benchmark data set was used for the experimentation. The architecture used in this work is a hybrid cost-sensitive network of one-dimensional Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM) network which obtained an accuracy of 94.4%, an increase in performance compared to work done by [1] which got 84.9%. Hyper parameter tuning is done on deep learning architecture to set the parameters. A learning rate of 0.01 was taken for all experiments. Train-test split of 70-30% was done during experimentation. This facilitates to find how well the models perform on imbalanced data sets. Usual methods like disassembly, decompiling, de-obfuscation or execution of the binary need not be done in this proposed method. The source code and the trained models are made publicly available for further research.