skip to main content
10.1145/3477314.3507242acmconferencesArticle/Chapter ViewAbstractPublication PagessacConference Proceedingsconference-collections
poster

Deriving optimal deep learning models for image-based malware classification

Published: 06 May 2022 Publication History

Abstract

Analyzing a huge amount of malware is a major burden for security analysts. Since emerging malware is often a variant of existing ones, automatically classifying malware into known families greatly reduces their burden. Image-based malware classification with deep learning is an attractive approach for its simplicity, versatility, and affinity with existing technologies. However, the impact of different deep learning models and the degree of transfer learning on the classification accuracy has not been fully investigated. In this paper, we conducted an exhaustive study of deep learning models using 24 models pre-trained with ImageNet and 5 fine-tuning parameters, 120 models in total, for malware on two platforms. As a result, we derived the optimal deep learning models by fine-tuning the pre-trained models and achieved the cross-validation accuracy on the Malimg (98.96%) and Drebin (91.03%) datasets.

References

[1]
Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck. 2014. Drebin: Effective and Explainable Detection of Android Malware in Your Pocket. In Proceedings of the 21th Annual Network and Distributed System Security Symposium (NDSS 2014).
[2]
Zhihua Cui, Fei Xue, Xingjuan Cai, Yang Cao, Gai ge Wang, and Jinjun Chen. 2018. Detection of Malicious Code Variants Based on Deep Learning. IEEE Transactions on Industrial Informatics 14, 7 (2018), 3187--3196.
[3]
Jia Deng, Wei Dong, Richard Socher, Li-Jia Li, Kai Li, and Li Fei-Fei. 2009. ImageNet: A large-scale hierarchical image database. In 2009 IEEE Conference on Computer Vision and Pattern Recognition. 248--255.
[4]
Mahmoud Kalash, Mrigank Rochan, Noman Mohammed, Neil D. B. Bruce, Yang Wang, and Farkhund Iqbal. 2018. Malware Classification with Deep Convolutional Neural Networks. In Proceedings of the 9th IFIP International Conference on New Technologies, Mobility and Security (NTMS). 1--5.
[5]
Wai Weng Lo, Xu Yang, and Yapeng Wang. 2019. An Xception Convolutional Neural Network for Malware Classification with Transfer Learning. In Proceedings of the 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS 2019). 1--5.
[6]
Youness Mourtaji, Mohammed Bouhorma, and Daniyal Alghazzawi. 2019. Intelligent Framework for Malware Detection with Convolutional Neural Network. In Proceedings of the 2nd International Conference on Networking, Information Systems & Security (Rabat, Morocco) (NISS19). 6 pages.
[7]
L. Nataraj, S. Karthikeyan, G. Jacob, and B. S. Manjunath. 2011. Malware Images: Visualization and Automatic Classification. In Proceedings of the 8th International Symposium on Visualization for Cyber Security (Pittsburgh, Pennsylvania, USA) (VizSec '11). 7 pages.
[8]
E. Rezende, G. Ruppert, T. Carvalho, F. Ramos, and P. de Geus. 2017. Malicious Software Classification Using Transfer Learning of ResNet-50 Deep Neural Network. In Proceedings of 16th IEEE International Conference on Machine Learning and Applications (ICMLA). 1011--1014.
[9]
Jiawei Su, Danilo Vargas Vasconcellos, Sanjiva Prasad, Daniele Sgandurra, Yaokai Feng, and Kouichi Sakurai. 2018. Lightweight Classification of IoT Malware Based on Image Recognition. In 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), Vol. 02. 664--669.
[10]
Danish Vasan, Mamoun Alazab, Sobia Wassan, Hamad Naeem, Babak Safaei, and Qin Zheng. 2020. IMCFN: Image-based malware classification using fine-tuned convolutional neural network architecture. Computer Networks 171 (2020), 107138.
[11]
Danish Vasan, Mamoun Alazab, Sobia Wassan, Babak Safaei, and Qin Zheng. 2020. Image-Based malware classification using ensemble of CNN architectures (IMCEC). Computers & Security 92 (2020), 101748.

Cited By

View all
  • (2024)Enhanced Image-Based Malware Classification Using Snake Optimization Algorithm With Deep Convolutional Neural NetworkIEEE Access10.1109/ACCESS.2024.342559312(95047-95057)Online publication date: 2024
  • (2024)MalSSL—Self-Supervised Learning for Accurate and Label-Efficient Malware ClassificationIEEE Access10.1109/ACCESS.2024.339225112(58823-58835)Online publication date: 2024
  • (2023)Attention-Based Cross-Modal CNN Using Non-Disassembled Files for Malware ClassificationIEEE Access10.1109/ACCESS.2023.325377011(22889-22903)Online publication date: 2023

Index Terms

  1. Deriving optimal deep learning models for image-based malware classification

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    SAC '22: Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing
    April 2022
    2099 pages
    ISBN:9781450387132
    DOI:10.1145/3477314
    Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 06 May 2022

    Check for updates

    Author Tags

    1. deep learning
    2. fine-tuning
    3. machine learning
    4. malware classification
    5. malware variant

    Qualifiers

    • Poster

    Conference

    SAC '22
    Sponsor:

    Acceptance Rates

    Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

    Upcoming Conference

    SAC '25
    The 40th ACM/SIGAPP Symposium on Applied Computing
    March 31 - April 4, 2025
    Catania , Italy

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)11
    • Downloads (Last 6 weeks)1
    Reflects downloads up to 17 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Enhanced Image-Based Malware Classification Using Snake Optimization Algorithm With Deep Convolutional Neural NetworkIEEE Access10.1109/ACCESS.2024.342559312(95047-95057)Online publication date: 2024
    • (2024)MalSSL—Self-Supervised Learning for Accurate and Label-Efficient Malware ClassificationIEEE Access10.1109/ACCESS.2024.339225112(58823-58835)Online publication date: 2024
    • (2023)Attention-Based Cross-Modal CNN Using Non-Disassembled Files for Malware ClassificationIEEE Access10.1109/ACCESS.2023.325377011(22889-22903)Online publication date: 2023

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media