
Analysis of ResNet and GoogleNet models for malware detection

  • Original Paper
Journal of Computer Virology and Hacking Techniques

Abstract

In this paper we use two distinct models to identify unknown or new types of malware. We investigate and test the GoogleNet and ResNet models, which come from two different platforms: ResNet belongs to Microsoft, and GoogleNet is the intellectual property of Google. Two datasets are used to train and validate the models. One of the datasets was downloaded from Microsoft and consists of 10,868 binary records, which are divided into nine different classes. The second is a benign dataset containing 3000 benign files. Both datasets were originally in the form of EXE files; these were converted into opcodes and then into images. We obtained a testing accuracy of 74.5% on GoogleNet and 88.36% precision on ResNet.



Acknowledgements

Funding was provided by National Natural Science Foundation of China (Grant No. 61572115).

Author information

Corresponding author

Correspondence to Riaz Ullah Khan.

Cite this article

Khan, R.U., Zhang, X. & Kumar, R. Analysis of ResNet and GoogleNet models for malware detection. J Comput Virol Hack Tech 15, 29–37 (2019). https://doi.org/10.1007/s11416-018-0324-z

  • DOI: https://doi.org/10.1007/s11416-018-0324-z
