September 19, 2024

In recent years, malware attacks have been on the rise, posing severe security risks and resulting in significant financial losses. The ability to classify malware quickly and reliably is crucial for cybersecurity due to the exponential growth of malware variants. Artificial intelligence, particularly deep learning techniques, has played a vital role in the cybersecurity industry. Recently, in the field of malware detection, deep learning techniques have garnered more attention than traditional machine learning methods due to the complexity of malware behavior. Deep learning techniques have demonstrated superior performance in terms of accuracy and are well-suited for large-scale data.

This study explores four deep learning techniques applied to the design of a malware detection framework. The models were evaluated using a small dataset of malware. Consequently, the algorithms generally regarded as having the best performance, such as LSTM and RNN, yielded the lowest detection rates compared to the other deep learning techniques. In this context, the unsupervised classifier, namely autoencoder LSTM, performed the best in terms of detection rate. It was able to provide better performance even for smaller datasets. The most significant input attribute considered for designing the malware detection framework was the system call-based API sequence. This work could be further enhanced by integrating a series of different dynamic features extracted from malware samples. Additionally, the model could be refined by implementing multilabel classification. Investigating the classification of malware families would provide more insight into new malware variants for further analysis.
