Abstract
In this paper we use two distinct models to identify unknown or new types of malware. We study and test the GoogleNet and ResNet models, which come from two different platforms: ResNet belongs to Microsoft, and GoogleNet is the intellectual property of Google. Two datasets are used to train and validate the models. The first was downloaded from Microsoft and consists of 10,868 binary records, divided into nine different classes. The second is a benign dataset containing 3000 benign files. The datasets were initially in the form of EXE files; these were converted into opcode and then into images. We obtained a testing accuracy of 74.5% on GoogleNet and 88.36% precision on ResNet.
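The opcode-to-image step mentioned in the abstract can be illustrated as follows. This is an added example, not the authors' code; the abstract does not specify an encoding, so the frequency-ranked vocabulary, the reserved pixel values for padding and unknown opcodes, and the fixed square size are all assumptions.

```python
from collections import Counter

PAD, UNKNOWN = 0, 1  # reserved pixel values (assumed convention, not from the paper)

def build_vocab(sequences, max_opcodes=254):
    """Map the most frequent mnemonics in the training set to pixel values 2..255."""
    counts = Counter(op.lower() for seq in sequences for op in seq)
    # Sort by descending count, then by name, so the mapping is deterministic.
    ranked = sorted(counts, key=lambda op: (-counts[op], op))[:max_opcodes]
    return {op: i + 2 for i, op in enumerate(ranked)}

def to_image(opcodes, vocab, side):
    """Encode one opcode sequence as a side x side grayscale grid.

    Long sequences are truncated and short ones zero-padded, so every
    sample has the fixed input size a CNN expects.
    """
    pixels = [vocab.get(op.lower(), UNKNOWN) for op in opcodes[: side * side]]
    pixels += [PAD] * (side * side - len(pixels))
    return [pixels[r * side:(r + 1) * side] for r in range(side)]

def to_pgm(image):
    """Serialize the grid as a binary PGM (P5) file body for viewing."""
    side = len(image)
    header = f"P5\n{side} {side}\n255\n".encode("ascii")
    return header + bytes(p for row in image for p in row)

# Constructed sample sequences, not taken from either dataset.
TRAIN = [
    ["push", "mov", "sub", "mov", "call", "add", "pop", "ret"],
    ["push", "mov", "xor", "mov", "jmp"],
]
SAMPLE = ["PUSH", "mov", "cpuid", "mov", "ret"]  # "cpuid" is absent from TRAIN

if __name__ == "__main__":
    vocab = build_vocab(TRAIN)
    img = to_image(SAMPLE, vocab, side=3)
    for row in img:
        print(row)
    print(len(to_pgm(img)), "bytes of PGM")
```

Building the vocabulary from the training split only, with a dedicated unknown value, keeps opcodes first seen at test time from shifting the pixel mapping the model was trained on.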
Acknowledgements
Funding was provided by National Natural Science Foundation of China (Grant No. 61572115).
Cite this article
Khan, R.U., Zhang, X. & Kumar, R. Analysis of ResNet and GoogleNet models for malware detection. J Comput Virol Hack Tech 15, 29–37 (2019). https://doi.org/10.1007/s11416-018-0324-z
DOI: https://doi.org/10.1007/s11416-018-0324-z