An Unsupervised Malware Detection System for Windows Based System Call Sequences

IF 1.1, Region 4 (Computer Science), Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE
Ragaventhiran J, V. P, M. Kodabagi, Syed Thouheed Ahmed, P. Ramadoss, Prisma Megantoro
Malaysian Journal of Computer Science, journal article, published 2022-12-06. DOI: 10.22452/mjcs.sp2022no2.7 (https://doi.org/10.22452/mjcs.sp2022no2.7)
Citations: 1

Abstract

Malware attacks have grown in prominence in recent years, posing severe security risks and resulting in significant financial losses. The ability to rapidly and reliably classify malware is vital to cybersecurity due to the exponential growth of malware variants. Artificial intelligence plays a significant role in the cybersecurity industry. Recently, in the field of malware detection, deep learning techniques have attracted more attention than machine learning techniques due to the complexity of its behavior, because deep learning performs better than machine learning techniques in terms of accuracy and is well suited to large amounts of data. The input attribute for the proposed model is the Windows-based system call sequence, which is collected from the NT mal detect project. In this work, an unsupervised deep learning technique used for text classification, namely the LSTM autoencoder, is used, and the performance of the proposed model is compared with existing DL methods such as CNN, RNN and LSTM using the performance parameters of accuracy, precision, recall and F1-measure.
Source journal
Malaysian Journal of Computer Science
Categories: COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE; COMPUTER SCIENCE, THEORY & METHODS
CiteScore: 2.20
Self-citation rate: 33.30%
Articles published: 35
Review time: 7.5 months
About the journal: The Malaysian Journal of Computer Science (ISSN 0127-9084) is published four times a year in January, April, July and October by the Faculty of Computer Science and Information Technology, University of Malaya, since 1985. Over the years, the journal has gained popularity and the number of paper submissions has increased steadily. The rigorous reviews from the referees have helped in ensuring that the high standard of the journal is maintained. The objectives are to promote exchange of information and knowledge in research work, new inventions/developments of Computer Science and on the use of Information Technology towards the structuring of an information-rich society and to assist the academic staff from local and foreign universities, business and industrial sectors, government departments and academic institutions on publishing research results and studies in Computer Science and Information Technology through a scholarly publication. The journal is being indexed and abstracted by Clarivate Analytics' Web of Science and Elsevier's Scopus.