
Stacking Ensemble-Based Approach for Malware Detection

  • Original Research
  • Journal: SN Computer Science

Abstract

The rapid growth of Internet connectivity has brought a significant increase in digital attacks, many of which have severe consequences. Malware is one class of attack that becomes more common by the day, and as malware evolves alongside technology the contest between security researchers and malware developers continues: analysts work to recognise malicious code while criminals work to conceal it. Many detection methods have been proposed, and memory analysis plays a vital role among them. This study proposes a stacking-based detection approach that combines kNN, Random Forest, Neural Network, Gradient Boosting, and AdaBoost learners to detect malware more effectively. The model arranges the five learners in two learning layers so that the instances are classified more accurately than by any single learner. On the memory-forensics malware dataset used here, the proposed approach achieved high accuracy in both the training and testing phases.
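The abstract describes a two-layer stack without saying how the second layer is trained. The example below, added here and not taken from the paper, wires a stacking ensemble the way a practitioner should: the level-2 learner is fit on out-of-fold scores from the base learners, so the meta-features for any sample come from models that never saw it (fitting the meta-learner on in-sample base predictions leaks labels and inflates the reported accuracy). The base learners are deliberately simple stand-ins (kNN and a nearest-centroid classifier) for the paper's kNN, Random Forest, Neural Network, Gradient Boosting and AdaBoost; the feature vectors are constructed, not real memory-forensics data. It also reports the false-positive rate alongside accuracy, since that is the number a detector is judged on.

```python
"""Two-layer stacking ensemble with out-of-fold meta-features (stdlib only).

Added example, not the paper's code. Base learners are simple stand-ins;
the stacking wiring is what is demonstrated. Data are constructed.
"""
import math
import random
from statistics import mean


def make_dataset(n=200, seed=7):
    """Constructed 4-feature samples; label 1 = malware, 0 = benign (alternating)."""
    rng = random.Random(seed)
    X, y = [], []
    for i in range(n):
        label = i % 2
        centre = (3.0, 2.5, 1.8, 4.0) if label else (1.0, 1.0, 0.5, 1.5)
        X.append([c + rng.gauss(0, 1.0) for c in centre])
        y.append(label)
    return X, y


def euclid(a, b):
    return math.sqrt(sum((p - q) ** 2 for p, q in zip(a, b)))


class KNN:
    """Level-1 learner: score = fraction of the k nearest neighbours labelled malware."""
    def __init__(self, k=5):
        self.k = k

    def fit(self, X, y):
        self.X, self.y = X, y
        return self

    def score(self, x):
        nearest = sorted(range(len(self.X)), key=lambda i: euclid(x, self.X[i]))[:self.k]
        return mean(self.y[i] for i in nearest)


class NearestCentroid:
    """Level-1 learner: score = relative closeness to the malware centroid."""
    def fit(self, X, y):
        self.c = {lab: [mean(col) for col in zip(*[x for x, l in zip(X, y) if l == lab])]
                  for lab in (0, 1)}
        return self

    def score(self, x):
        d0, d1 = euclid(x, self.c[0]), euclid(x, self.c[1])
        return d0 / (d0 + d1 + 1e-12)


class LogisticMeta:
    """Level-2 learner: logistic regression over the base-learner scores (SGD)."""
    def fit(self, Z, y, lr=0.5, epochs=300):
        self.w, self.b = [0.0] * len(Z[0]), 0.0
        for _ in range(epochs):
            for z, t in zip(Z, y):
                g = self.predict_proba(z) - t
                self.w = [wi - lr * g * zi for wi, zi in zip(self.w, z)]
                self.b -= lr * g
        return self

    def predict_proba(self, z):
        s = self.b + sum(wi * zi for wi, zi in zip(self.w, z))
        s = max(-30.0, min(30.0, s))  # guard exp() against overflow
        return 1.0 / (1.0 + math.exp(-s))


def oof_meta_features(base_factories, X, y, folds=5):
    """Out-of-fold scores: row i is scored only by base models trained without sample i."""
    Z = [[0.0] * len(base_factories) for _ in X]
    for f in range(folds):
        test_idx = [i for i in range(len(X)) if i % folds == f]
        train_idx = [i for i in range(len(X)) if i % folds != f]
        for j, make in enumerate(base_factories):
            m = make().fit([X[i] for i in train_idx], [y[i] for i in train_idx])
            for i in test_idx:
                Z[i][j] = m.score(X[i])
    return Z


class Stacking:
    def __init__(self, base_factories):
        self.factories = base_factories

    def fit(self, X, y):
        self.meta = LogisticMeta().fit(oof_meta_features(self.factories, X, y), y)
        self.bases = [make().fit(X, y) for make in self.factories]  # refit on all data for inference
        return self

    def predict(self, x):
        return int(self.meta.predict_proba([m.score(x) for m in self.bases]) >= 0.5)


def evaluate(model, X, y):
    """Accuracy and false-positive rate on held-out data."""
    preds = [model.predict(x) for x in X]
    acc = mean(int(p == t) for p, t in zip(preds, y))
    benign = [p for p, t in zip(preds, y) if t == 0]
    fpr = mean(benign) if benign else 0.0
    return acc, fpr


def demo(split=150):
    X, y = make_dataset()
    model = Stacking([lambda: KNN(5), NearestCentroid]).fit(X[:split], y[:split])
    return evaluate(model, X[split:], y[split:])


if __name__ == "__main__":
    acc, fpr = demo()
    print(f"held-out accuracy={acc:.3f} false-positive rate={fpr:.3f}")
```

Swapping in the paper's five learners only changes the `base_factories` list; the out-of-fold step and the separate held-out evaluation are what make the reported figures trustworthy.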


Data availability

(i) Dataset 1: 48,240 malware samples and binary visualization images for machine learning anomaly detection is given in Ref. [25]. (ii) Dataset 2: Malware static and dynamic features VxHeaven and Virus Total is given in Ref. [26].

References

  1. Quickheal. First quarter threat report 2023. https://www.quickheal.co.in/documents/threat-report/quick-heal-threat-report-q1-2023.pdf. Accessed 22 July 2022.

  2. Sahu SK, Mohapatra DP, Rout JK, Sahoo KS, Luhach AK. An ensemble-based scalable approach for intrusion detection using big data framework. Big Data. 2021;9(4):303–21.

  3. Bozkir AS, Tahillioglu E, Aydos M, Kara I. Catch them alive: a malware detection approach through memory forensics, manifold learning and computer vision. Comput Secur. 2021;103:102166.

  4. Balzarotti D, Di Pietro R, Villani A. The impact of GPU-assisted malware on memory forensics: a case study. Digit Investig. 2015;14:S16–24.

  5. Kumar S. An emerging threat Fileless malware: a survey and research challenges. Cybersecurity. 2020;3(1):1–12.

  6. Anderson B, Quist D, Neil J, Storlie C, Lane T. Graph-based malware detection using dynamic analysis. J Comput Virol. 2011;7:247–58.

  7. Selvakumar B, Munneswaran K. Firefly algorithm based feature selection for network intrusion detection. Comput Secur. 2019;81:148–55.

  8. Vashishtha LK, Chatterjee K, Sahu SK, Mohapatra DP. A random forest-based ensemble technique for malware detection. In: Information systems and management science: conference proceedings of 4th international conference on information systems and management science (ISMS). Raipur, India: Springer; 2021. p. 454–63.

  9. Vashishtha LK, Singh AP, Chatterjee K. HIDM: a hybrid intrusion detection model for cloud based systems. Wirel Pers Commun. 2023;128(4):2637–66.

  10. Kara I. Fileless malware threats: recent advances, analysis approach through memory forensics and research challenges. Expert Syst Appl. 2023;214:119–33.

  11. Xia XL, Ding YX, Jiang JZ, Zeng R. Malware detection based on ontology. In: International conference on machine learning and cybernetics (ICMLC), vol. 1. Ningbo, China: IEEE; 2017. p. 21–6.

  12. Samantaray OP, Tripathy SN. A knowledge-domain analyser for malware classification. In: International conference on computer science, engineering and applications (ICCSEA). Gunupur, India: IEEE; 2020. p. 1–7.

  13. Azeez NA, Odufuwa OE, Misra S, Oluranti J, Damaševičius R. Windows PE malware detection using ensemble learning. Informatics. 2021;8(1):10. MDPI.

  14. Rout SS, Vashishtha LK, Chatterjee K, Rout JK. Android malware detection using ensemble feature learning. In: Information systems and management science: conference proceedings of 4th international conference on information systems and management science (ISMS). Raipur, India: Springer; 2021. p. 531–9.

  15. Zheng R, Wang Q, Lin Z, Jiang Z, Fu J, Peng G. Cryptocurrency malware detection in real-world environment: based on multi-results stacking learning. Appl Soft Comput. 2022;124:109044.

  16. Sahu SK, Mohapatra DP, Rout JK, Sahoo KS, Pham QV, Dao NN. A LSTM-FCNN based multi-class intrusion detection using scalable framework. Comput Electr Eng. 2022;99:107720.

  17. Rieck K, Trinius P, Willems C, Holz T. Automatic analysis of malware behavior using machine learning. J Comput Secur. 2011;19:639–68.

  18. Sahu SK, Mohapatra DP, Panda SK. NITIDS: a robust network intrusion dataset. Int J Embed Syst. 2021;14(4):391–408.

  19. Avci C, Tekinerdogan B, Catal C. Analyzing the performance of long short-term memory architectures for malware detection models. Concurr Comput: Pract Exp. 2023;35(6):1.

  20. García DE, DeCastro-García N, Castañeda ALM. An effectiveness analysis of transfer learning for the concept drift problem in malware detection. Expert Syst Appl. 2023;212:118724.

  21. Rustam F, Ashraf I, Jurcut AD, Bashir AK, Zikria YB. Malware detection using image representation of malware data and transfer learning. J Parallel Distrib Comput. 2023;172:32–50.

  22. Sihwail R, Omar K, Zainol Ariffin KA, Al Afghani S. Malware detection approach based on artifacts in memory image and dynamic analysis. Appl Sci. 2019;9(18):3680.

  23. Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Venkatraman S. Robust intelligent malware detection using deep learning. IEEE Access. 2019;7:46717–38.

  24. Arora A, Peddoju SK, Conti M. Permpair: Android malware detection using permission pairs. IEEE Trans Inf Forensics Secur. 2019;15:1968–82.

  25. Saridou B, Rose J, Shiaeles S, Papadopoulos B. 48,240 Malware samples and binary visualisation images for machine learning anomaly detection (2021). https://ieee-dataport.org/documents/48240-malware-samples-and-binary-visualisation-images-machine-learning-anomaly-detection. Accessed 15 July 2022.

  26. Malware static and dynamic features VxHeaven and Virus Total, UCI Machine Learning Repository. https://doi.org/10.24432/C58K6H. Accessed 15 July 2022.

  27. Rose JR, Swann M, Bendiab G, Shiaeles S, Kolokotronis N. Intrusion detection using network traffic profiling and machine learning for IoT. In: IEEE 7th international conference on network softwarization (NetSoft). Tokyo, Japan: IEEE; 2021. p. 409–15.

Funding

The authors did not receive any funding/support from any organization.

Author information

Contributions

All authors have contributed equally to this work.

Corresponding author

Correspondence to Shovana Das.

Ethics declarations

Conflict of Interest

There is no conflict of interest for this study.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of the topical collection “Innovation in Smart Things: A Systems, Security, and AI Perspective” guest edited by Niranjan K Ray, Prasanth Yanambaka, and Rakesh Balabantaray.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Das, S., Garg, A. & Kumar, S. Stacking Ensemble-Based Approach for Malware Detection. SN COMPUT. SCI. 5, 185 (2024). https://doi.org/10.1007/s42979-023-02513-6

  • DOI: https://doi.org/10.1007/s42979-023-02513-6