MalDet-Malware Detection Using Deep Learning and LSTM based Approach to Classify Malware

Computer security requires malware detection. Recent research manually uncovers hazardous features using machine learning-based techniques. MalDet, a cutting-edge malware detection method, is recommended in this paper. MalDet classifies malware using a stacking ensemble and learns from grayscale images and opcode sequences using CNN and LSTM networks. According to the evaluation, MalDet's malware detection validation accuracy is 99.89%. MalDet outperforms other previous research with 99.36% detection accuracy and a significant detection speedup on the Microsoft malware dataset. We classified nine malware families for MalDet

Malware Detection in Internet of Things (IoT) Devices Using Deep Learning

Internet of Things (IoT) devices usage is increasing exponentially with the spread of the internet. With the increasing capacity of data on IoT devices, these devices are becoming venerable to malware attacks; therefore, malware detection becomes an important issue in IoT devices. An effective, reliable, and time-efficient mechanism is required for the identification of sophisticated malware. Researchers have proposed multiple methods for malware detection in recent years, however, accurate detection remains a challenge. We propose a deep learning-based ensemble classification method for the detection of malware in IoT devices. It uses a three steps approach; in the first step, data is preprocessed using scaling, normalization, and de-noising, whereas in the second step, features are selected and one hot encoding is applied followed by the ensemble classifier based on CNN and LSTM outputs for detection of malware. We have compared results with the state-of-the-art methods and our proposed method outperforms the existing methods on standard datasets with an average accuracy of 99.5%.publishedVersio

R2-D2: ColoR-inspired Convolutional NeuRal Network (CNN)-based AndroiD Malware Detections

The influence of Deep Learning on image identification and natural language processing has attracted enormous attention globally. The convolution neural network that can learn without prior extraction of features fits well in response to the rapid iteration of Android malware. The traditional solution for detecting Android malware requires continuous learning through pre-extracted features to maintain high performance of identifying the malware. In order to reduce the manpower of feature engineering prior to the condition of not to extract pre-selected features, we have developed a coloR-inspired convolutional neuRal networks (CNN)-based AndroiD malware Detection (R2-D2) system. The system can convert the bytecode of classes.dex from Android archive file to rgb color code and store it as a color image with fixed size. The color image is input to the convolutional neural network for automatic feature extraction and training. The data was collected from Jan. 2017 to Aug 2017. During the period of time, we have collected approximately 2 million of benign and malicious Android apps for our experiments with the help from our research partner Leopard Mobile Inc. Our experiment results demonstrate that the proposed system has accurate security analysis on contracts. Furthermore, we keep our research results and experiment materials on http://R2D2.TWMAN.ORG.Comment: Verison 2018/11/15, IEEE BigData 2018, Seattle, WA, USA, Dec 10-13, 2018. (Accepted

Android-IoT Malware Classification and Detection Approach Using Deep URL Features Analysis

Currently, malware attacks pose a high risk to compromise the security of Android-IoT apps. These threats have the potential to steal critical information, causing economic, social, and financial harm. Because of their constant availability on the network, Android apps are easily attacked by URL-based traffic. In this paper, an Android malware classification and detection approach using deep and broad URL feature mining is proposed. This study entails the development of a novel traffic data preprocessing and transformation method that can detect malicious apps using network traffic analysis. The encrypted URL-based traffic is mined to decrypt the transmitted data. To extract the sequenced features, the N-gram analysis method is used, and afterward, the singular value decomposition (SVD) method is utilized to reduce the features while preserving the actual semantics. The latent features are extracted using the latent semantic analysis tool. Finally, CNN-LSTM, a multi-view deep learning approach, is designed for effective malware classification and detection

Obfuscated Malware Detection in IoT Android Applications Using Markov Images and CNN

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI linkThe threat of malware in the Internet of Things (IoT) is ever-present given that many IoT systems today rely on the Android operating system. There has been a consistent rise in Android malware recently, with new variants adopting sophisticated detection avoidance techniques, including various forms of obfuscation. Hence, there is a need to improve the effectiveness of Android malware detection as obfuscation becomes more prevalent in the wild. In this article, we present a novel approach for obfuscated malware detection in IoT Android applications based on the visualization of app executables with Markov images. The app images are trained using a convolutional neural network (CNN) to detect obfuscated malware and for the identification of the obfuscation type. We evaluate the performance of the proposed system by experimenting with four different classification models using 12000 Android applications. The CNN model created to distinguish between malware and benign apps obtained an accuracy of 99.41%. The model for identifying obfuscated malware from benign applications obtained 99.65% accuracy while the model created to identify obfuscated malware from non-obfuscated malware yielded an accuracy of 99.81%. The model for classifying obfuscated malware into 14 different obfuscation categories obtained an accuracy of 99.67%. These results show that CNN models trained from Markov images generated using application byte code can be highly effective for obfuscated malware detection and classification. Moreover, our proposed system provides a more sustainable and cost-effective method for obfuscated malware detection compared to the manual feature-engineering-based approaches that are more prevalent in the current literature