Ensemble Learning for Low-Level Hardware-Supported Malware Detection

Abstract. Recent work demonstrated hardware-based online malware detection using only low-level features. This detector is envisioned as a first line of defense that prioritizes the application of more expensive and more accurate software detectors. Critical to such a framework is the detection performance of the hardware detector. In this paper, we explore the use of both specialized detectors and ensemble learning tech-niques to improve performance of the hardware detector. The proposed detectors reduce the false positive rate by more than half compared to a single detector, while increasing the detection rate. We also contribute approximate metrics to quantify the detection overhead, and show that the proposed detectors achieve more than 11x reduction in overhead compared to a software only detector (1.87x compared to prior work), while improving detection time. Finally, we characterize the hardware complexity by extending an open core and synthesizing it on an FPGA platform, showing that the overhead is minimal.

Deep learning meets malware detection: An investigation

From the dawn of computer programs, malware programs were originated and still with us. With evolving of technology, malware programs are also evolving. It is considered as one of the prime issues regarding cyber world security. Damage caused by the malware programs ranges from system failure to financial loss. Traditional approach for malware classification approach are not very suitable for advance malware programs. For the continuously evolving malware ecosystem deep learning approaches are more suitable as they are faster and can predict malware more effectively. To our best of knowledge, there has not substantial research done on deep learning based malware detection on different sectors like: IoT, Bio-medical sectors and Cloud platforms. The key contribution of this chapter will be creating directions of malware detection depending on deep learning. The chapter will be beneficial for graduate level students, academicians and researchers in this application domain