Abstract
Malicious software harms computer and network resources. Various machine learning and deep learning algorithms are used for malware detection. In this paper, binary classification of benign and malware files is performed with a multi-layer perceptron model trained on dynamic features. Both malware and benign samples are executed in a dynamic analysis environment using the Cuckoo sandbox. The Cuckoo sandbox generates detailed behavioural reports that contain several runtime features such as API calls, registry changes and network activities. These features are investigated and represented as a training feature set, over which the multi-layer perceptron model is then trained. Different parameter values of the activation function, loss function and alpha (regularization parameter) are used when training the multi-layer perceptron model to develop the optimal malware classifier. The proposed malware classifier produced an accuracy of 99.2% using the Adam loss function in binary classification of the executable files.
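An added example, not code from the paper: one way to turn sandbox behavioural reports into the fixed-length training feature set the abstract describes. It assumes the Cuckoo 2.x `report.json` layout (`behavior.apistats`, `behavior.summary`, `network`); the function names and the two sample reports are constructed for illustration.

```python
from collections import Counter

# Constructed, heavily trimmed reports (not data from the paper). Layout is an
# assumption based on Cuckoo 2.x report.json; a real run would json.load() each file.
REPORTS = {
    "sample_a": {
        "behavior": {
            "apistats": {"2204": {"NtCreateFile": 12, "RegSetValueExW": 3},
                         "2310": {"NtCreateFile": 2, "InternetOpenUrlW": 1}},
            "summary": {"regkey_written": ["HKCU\\Software\\Example\\Run"]},
        },
        "network": {"dns": [{"request": "example.test"}], "hosts": ["192.0.2.10"]},
    },
    "sample_b": {
        "behavior": {"apistats": {"1180": {"NtCreateFile": 4, "NtReadFile": 9}}},
        "network": {},
    },
}

def extract_features(report):
    """Flatten one report into {feature_name: count}."""
    feats = Counter()
    behavior = report.get("behavior", {})
    # API calls: sum per-API counts over every monitored process.
    for per_process in behavior.get("apistats", {}).values():
        for api, count in per_process.items():
            feats["api:" + api] += count
    # Registry changes and network activity: count the recorded artefacts.
    summary = behavior.get("summary", {})
    for key in ("regkey_written", "regkey_deleted"):
        feats["reg:" + key] = len(summary.get(key, []))
    network = report.get("network", {})
    for key in ("dns", "hosts", "http"):
        feats["net:" + key] = len(network.get(key, []))
    return feats

def build_matrix(reports):
    """Return (sample names, feature vocabulary, rows) with one shared column order."""
    names = sorted(reports)
    rows = [extract_features(reports[n]) for n in names]
    vocab = sorted(set().union(*rows))
    # A feature absent from a report becomes 0, so every row has equal length.
    return names, vocab, [[row[f] for f in vocab] for row in rows]

if __name__ == "__main__":
    names, vocab, matrix = build_matrix(REPORTS)
    for name, row in zip(names, matrix):
        print(name, dict(zip(vocab, row)))
```

The resulting rows, paired with benign/malware labels, are the kind of input a multi-layer perceptron is fit on; the vocabulary must be frozen after training so that new reports map to the same columns.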
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Singh, J., Singh, J. (2021). Malware Classification Using Multi-layer Perceptron Model. In: Gupta, D., Khanna, A., Bhattacharyya, S., Hassanien, A.E., Anand, S., Jaiswal, A. (eds) International Conference on Innovative Computing and Communications. Advances in Intelligent Systems and Computing, vol 1166. Springer, Singapore. https://doi.org/10.1007/978-981-15-5148-2_14
DOI: https://doi.org/10.1007/978-981-15-5148-2_14
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-5147-5
Online ISBN: 978-981-15-5148-2
eBook Packages: Intelligent Technologies and Robotics (R0)