Arwa Alzammam, H. Binsalleeh, Basil AsSadhan, K. Kyriakopoulos, S. Lambotharan
{"title":"基于CNN的恶意软件样本不平衡多类分类比较分析","authors":"Arwa Alzammam, H. Binsalleeh, Basil AsSadhan, K. Kyriakopoulos, S. Lambotharan","doi":"10.1109/AECT47998.2020.9194155","DOIUrl":null,"url":null,"abstract":"Malware is considered as one of the main actors in cyber attacks. The number of unique malware samples is constantly on the rise; however, the ratio of benign software still greatly outnumbers malware samples. In machine learning, such datasets are known as imbalanced, where the majority class label greatly dominates over others. In this paper, we present a comparative analysis and evaluation of some of the proposed techniques in the literature in order to address the problem of classifying imbalanced multi-class malware datasets. More specifically, we use Convolutional Neural Network (CNN) as a classification algorithm to study the effect of imbalanced datasets on deep learning approaches. These experiments are conducted on three publicly available imbalanced datasets. Our performance analysis demonstrates that methods such as cost sensitive learning, oversampling and cross validation have positive effects on the model classification performance, albeit in varying degrees. Meanwhile others like using pre-trained models require more special parameter settings. However, best practices may change in accordance with the problem domain.","PeriodicalId":331415,"journal":{"name":"2019 International Conference on Advances in the Emerging Computing Technologies (AECT)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2020-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Comparative Analysis on Imbalanced Multi-class Classification for Malware Samples using CNN\",\"authors\":\"Arwa Alzammam, H. Binsalleeh, Basil AsSadhan, K. Kyriakopoulos, S. Lambotharan\",\"doi\":\"10.1109/AECT47998.2020.9194155\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Malware is considered as one of the main actors in cyber attacks. The number of unique malware samples is constantly on the rise; however, the ratio of benign software still greatly outnumbers malware samples. In machine learning, such datasets are known as imbalanced, where the majority class label greatly dominates over others. In this paper, we present a comparative analysis and evaluation of some of the proposed techniques in the literature in order to address the problem of classifying imbalanced multi-class malware datasets. More specifically, we use Convolutional Neural Network (CNN) as a classification algorithm to study the effect of imbalanced datasets on deep learning approaches. These experiments are conducted on three publicly available imbalanced datasets. Our performance analysis demonstrates that methods such as cost sensitive learning, oversampling and cross validation have positive effects on the model classification performance, albeit in varying degrees. Meanwhile others like using pre-trained models require more special parameter settings. However, best practices may change in accordance with the problem domain.\",\"PeriodicalId\":331415,\"journal\":{\"name\":\"2019 International Conference on Advances in the Emerging Computing Technologies (AECT)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 International Conference on Advances in the Emerging Computing Technologies (AECT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AECT47998.2020.9194155\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Conference on Advances in the Emerging Computing Technologies (AECT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AECT47998.2020.9194155","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Comparative Analysis on Imbalanced Multi-class Classification for Malware Samples using CNN
Malware is considered as one of the main actors in cyber attacks. The number of unique malware samples is constantly on the rise; however, the ratio of benign software still greatly outnumbers malware samples. In machine learning, such datasets are known as imbalanced, where the majority class label greatly dominates over others. In this paper, we present a comparative analysis and evaluation of some of the proposed techniques in the literature in order to address the problem of classifying imbalanced multi-class malware datasets. More specifically, we use Convolutional Neural Network (CNN) as a classification algorithm to study the effect of imbalanced datasets on deep learning approaches. These experiments are conducted on three publicly available imbalanced datasets. Our performance analysis demonstrates that methods such as cost sensitive learning, oversampling and cross validation have positive effects on the model classification performance, albeit in varying degrees. Meanwhile others like using pre-trained models require more special parameter settings. However, best practices may change in accordance with the problem domain.