http://dx.doi.org/10.7472/jksii.2020.21.5.57

A Feature-Based Malicious Executable Detection Approach Using Transfer Learning  

Zhang, Yue (Dept. of Information Science and Technology, Jiujiang University)
Yang, Hyun-Ho (Dept. of Computer Information & Communication Engineering, Kunsan National University)
Gao, Ning (Dept. of Information Science and Technology, Jiujiang University)
Publication Information
Journal of Internet Computing and Services / v.21, no.5, 2020, pp. 57-65
Abstract
At present, existing virus recognition systems usually use a signature approach to detect malicious executable files, but these methods often fail to detect new and invisible malware. At the same time, some methods try to use more general features to detect malware, and achieve some success. Moreover, machine learning-based approaches, which depend on features extracted from malicious code, are applied to detect malware. However, the different distributions of features in the training and testing datasets also impact the effectiveness of the detection models. In addition, generating labeled datasets takes a significant amount of time, which degrades the performance of the learning method. In this paper, we use transfer learning to detect new and previously unseen malware. We first extract the features of Portable Executable (PE) files, then combine a transfer learning training model with the KNN approach to detect new and unseen malware. We also evaluate the detection performance of the classifier in terms of precision, recall, F1, and so on. The experimental results demonstrate that the proposed method achieves high detection rates and can be anticipated to perform as well in a real-world environment.
Keywords
Malicious Executable Detection; Transfer Learning; Feature-Based
Citations & Related Records
Times Cited By KSCI: 2