An Efficient Detection of Malware by Naive Bayes Classifier Using GPGPU

  • Sanjay K. SahayEmail author
  • Mayank Chaudhari
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 924)


Due to continuous increase in the number of malware (according to AV-Test institute total \({\sim } 8 \times 10^8\) malware are already known, and every day they register \({\sim } 2.5 \times 10^4\) malware) and files in the computational devices, it is very important to design a system which not only effectively but can also efficiently detect the new or previously unseen malware to prevent/minimize the damages. Therefore, this paper presents a novel group-wise approach for the efficient detection of malware by parallelizing the classification using the power of GPGPU and shown that by using the Naive Bayes classifier, the detection speedup can be boosted up to 200x. The investigation also shows that the classification time increases significantly with the number of features.


Malware detection GPGPU Machine learning Computer security 


  1. 1.
    Allix, K., Bissyandé, T.F., Jérome, Q., Klein, J., State, R., Le Traon, Y.: Large-scale machine learning-based malware detection: confronting the “10-fold cross validation” scheme with reality. In: Proceedings of the 4th ACM Conference on Data and Application Security and Privacy. CODASPY ’14, ACM, New York, NY, USA, pp. 163–166 (2014).
  2. 2.
    Bilar, D.: Opcodes as predictor for malware. Int. J. Electron. Secur. Digit. Forensic 1(2), 156–168 (2007). Scholar
  3. 3.
    Bowen, B.M., Prabhu, P.V., Kemerlis, V.P., Sidiroglou, S., Stolfo, S.J., Keromytis, A.D.: Methods, systems, and media for detecting covert malware (2018).
  4. 4.
    Canto, J., Dacier, M., Kirda, E., Leita, C.: Large scale malware collection: lessons learned. In: SRDS 2008, 27th International Symposium on Reliable Distributed Systems, October 6–8, 2008, Napoli, Italy. Napoli, ITALY (2008).
  5. 5.
    Corporation, S.: Internet Security Threat Report. Technical report ((Date last accessed 31-May-2018)) (2017). /docs/reports/istr-22-2017-en.pdf
  6. 6.
    Corporation, S.: Internet Security Threat Report. Technical report (2018) (Date last accessed 31-May-2018)Google Scholar
  7. 7.
    Guyon, I.: A scaling law for the validation-set training-set size ratio. In: AT & T Bell Laboratories (1997)Google Scholar
  8. 8.
    Huang, A., Al-Dujaili, A., Hemberg, E., O’Reilly, U.: Adversarial deep learning for robust detection of binary encoded malware. CoRR (2018). arXiv:abs/1801.02950
  9. 9.
    Huda, S., Islam, R., Abawajy, J., Yearwood, J., Hassan, M.M., Fortino, G.: A hybrid-multi filter-wrapper framework to identify run-time behaviour for fast malware detection. Future Gener. Comput. Syst. 83, 193–207 (2018). Scholar
  10. 10.
    Hung, C.L., Wang, H.H.: Parallel botnet detection system by using GPU. In: 2014 IEEE/ACIS 13th International Conference on Computer and Information Science (ICIS), pp. 65–70 (2014)Google Scholar
  11. 11.
    institute, A.T.: Malware statistics (2018). (Online; accessed 10-June-2018)
  12. 12.
    Korkin, I., Nesterow, I.: Acceleration of statistical detection of zero-day malware in the memory dump using CUDA-enabled GPU hardware. CoRR (2016). arXiv:abs/1606.04662
  13. 13.
    Manel Abdellatif, C.T., Hamou-Lhadj, A., Dagenais, M.: On the use of mobile GPU for accelerating malware detection using trace analysis. In: 2015 IEEE 34th Symposium on Reliable Distributed Systems Workshop (SRDSW), pp. 38. Montreal, QC, Canada (2016)Google Scholar
  14. 14.
    McAfee: McAfee Labs Threats Report. Technical report (2017)Google Scholar
  15. 15.
    Pungila, C., Negru, V.: A highly-efficient memory-compression approach for GPU-accelerated virus signature matching. In: International Conference on Information Security (ISC 2012), pp. 354–369 (2012)Google Scholar
  16. 16.
    Quinn, M.J.: Parallel Computing: Theory and Practice, pp. 80–83 (2002)Google Scholar
  17. 17.
    Lee, R.M., Assante, M.J., Conway, T.: Analysis of the cyber attack on the Ukrainian power grid. Technical report, E-ISAC group SANS (2016)Google Scholar
  18. 18.
    Ronen, R., Radu, M., Feuerstein, C., Yom-Tov, E., Ahmadi, M.: Microsoft malware classification challenge. CoRR (2018). arXiv:abs/1802.10135
  19. 19.
    Sahay, S.K., Sharma, A.: Grouping the executables to detect malwares with high accuracy. Procedia Comput. Sci. 78(C), 667–674 (Mar 2016), Scholar
  20. 20.
    Sharma, A., Sahay, S.K.: Evolution and detection of polymorphic and metamorphic malwares: a survey. Int. J. Comput. Appl. 90(2), 7–11 (2014)Google Scholar
  21. 21.
    Sharma, A., Sahay, S.K.: An effective approach for classification of advanced malware with high accuracy. Int. J. Secur. Appl. 10(4), 249–266 (2016)Google Scholar
  22. 22.
    Sharma, A., Sahay, S.K.: Group-wise classification approach to improve android malicious apps detection accuracy. Int. J. Netw. Secur. (2018)Google Scholar
  23. 23.
    Sharma, A., Sahay, S.K., Kumar, A.: Improving the detection accuracy of unknown malware by partitioning the executables in groups. In: Proceedings 9th ICACCT, 2015 Advances in Intelligent System and Computing , p. 421. Springer (2016)Google Scholar
  24. 24.
    Stone, R.: A call to cyber arms. Science 339(6123), 1026–1027 (2013)CrossRefGoogle Scholar
  25. 25.
    Ucci, D., Aniello, L., Baldoni, R.: Survey on the usage of machine learning techniques for malware analysis. CoRR (2017). arXiv:abs/1710.08189
  26. 26.
    Velea, R., Dragan, S.: CPU/GPU hybrid detection for malware signatures. In: 2017 International Conference on Computer and Applications (ICCA), pp. 85–89 (2017)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Department of CS & ISBITS, PilaniSancoaleIndia

Personalised recommendations