Malware Classification using Long Short-term Memory Models
Dennis Dang, Fabio Di Troia, Mark Stamp
2021
Abstract
Signature and anomaly based techniques are the quintessential approaches to malware detection. However, these techniques have become increasingly ineffective as malware has become more sophisticated and complex. Researchers have therefore turned to deep learning to construct better performing model. In this paper, we create four different long-short term memory (LSTM) based models and train each to classify malware samples from 20 families. Our features consist of opcodes extracted from malware executables. We employ techniques used in natural language processing (NLP), including word embedding and bidirection LSTMs (biLSTM), and we also use convolutional neural networks (CNN). We find that a model consisting of word embedding, biLSTMs, and CNN layers performs best in our malware classification experiments.
DownloadPaper Citation
in Harvard Style
Dang D., Di Troia F. and Stamp M. (2021). Malware Classification using Long Short-term Memory Models.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE, ISBN 978-989-758-491-6, pages 743-752. DOI: 10.5220/0010378007430752
in Bibtex Style
@conference{forse21,
author={Dennis Dang and Fabio Di Troia and Mark Stamp},
title={Malware Classification using Long Short-term Memory Models},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,},
year={2021},
pages={743-752},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010378007430752},
isbn={978-989-758-491-6},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,
TI - Malware Classification using Long Short-term Memory Models
SN - 978-989-758-491-6
AU - Dang D.
AU - Di Troia F.
AU - Stamp M.
PY - 2021
SP - 743
EP - 752
DO - 10.5220/0010378007430752