Detecting malware using deep learning techniques
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | Nanyang Technological University 2021 |
Subjects: | |
Online Access: | https://hdl.handle.net/10356/148025 |
Institution: | Nanyang Technological University |
Summary: | Over the years, malware has grown stronger and has become a powerful threat in the information technology sector. Once it has infected a computing system, malicious software can perform malicious activities such as employing different encryption algorithms to encrypt users’ data, hindering the lives of many in the cyber community. Therefore, mitigating this cybersecurity risk is becoming increasingly relevant in today’s society.
Given its advancement in recent years, machine learning has achieved recognition for providing solutions to complex classification tasks. Deep learning has also become one of the machine learning techniques incorporated into anti-malware solutions to identify malware.
The primary purpose of this project is to obtain malware feature datasets extracted from malicious and benign Windows Portable Executable (PE) files. The 3 static analysis features, namely the PE section header, PE imports and the PE file raw byte stream, and 1 dynamic analysis feature, known as API call sequences, will be extracted for this project. Using the distinct features as input, 4 deep learning models are implemented to perform binary malware classification.
Moreover, a deep learning ensemble model, combining the above 4 neural network classifiers, is developed to be utilised as an extension to existing endpoint security software for malware detection. Evaluating the ensemble model on unseen data shows a high accuracy of 99.31%, indicating a high prediction capability to classify new and unseen malware samples. |
---|