Malware Classification with GMM-HMM Models

Jing Zhao, Samanvitha Basole, Mark Stamp

2021

Abstract

Discrete hidden Markov models (HMM) are often applied to malware detection and classification problems. However, the continuous analog of discrete HMMs, that is, Gaussian mixture model-HMMs (GMM-HMM), are rarely considered in the field of cybersecurity. In this paper, we use GMM-HMMs for malware classification and we compare our results to those obtained using discrete HMMs. As features, we consider opcode sequences and entropy-based sequences. For our opcode features, GMM-HMMs produce results that are comparable to those obtained using discrete HMMs, whereas for our entropy-based features, GMM-HMMs generally improve significantly on the classification results that we have achieved with discrete HMMs.

Paper Citation


in Harvard Style

Zhao J., Basole S. and Stamp M. (2021). Malware Classification with GMM-HMM Models. In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE, ISBN 978-989-758-491-6, pages 753-762. DOI: 10.5220/0010409907530762


in Bibtex Style

@conference{forse21,
author={Jing Zhao and Samanvitha Basole and Mark Stamp},
title={Malware Classification with GMM-HMM Models},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE},
year={2021},
pages={753-762},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010409907530762},
isbn={978-989-758-491-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ForSE
TI - Malware Classification with GMM-HMM Models
SN - 978-989-758-491-6
AU - Zhao J.
AU - Basole S.
AU - Stamp M.
PY - 2021
SP - 753
EP - 762
DO - 10.5220/0010409907530762