Malware Classification Based on Multilayer Perception and Word2Vec for IoT Security

With the construction of smart cities, the number of Internet of Things (IoT) devices is growing rapidly, leading to an explosive growth of malware designed for IoT devices. These malware pose a serious threat to the security of IoT devices. The traditional malware classification methods mainly rely on feature engineering. To improve accuracy, a large number of different types of features will be extracted from malware files in these methods. That brings a high complexity to the classification. To solve these issues, a malware classification method based on Word2Vec and Multilayer Perception (MLP) is proposed in this article. First, for one malware sample, Word2Vec is used to calculate a word vector for all bytes of the binary file and all instructions in the assembly file. Second, we combine these vectors into a 256x256x2-dimensional matrix. Finally, we designed a deep learning network structure based on MLP to train the model. Then the model is used to classify the testing samples. The experimental results prove that the method has a high accuracy of 99.54%.

Malware Classification Using Machine Learning and Image Processing

Malware is routinely used for illegal reasons, and new malware variants are discovered every day. Computer vision in computer security is one of the most significant disciplines of research today, and it has witnessed tremendous growth in the preceding decade due to its efficacy. We employed research in machine-learning and deep-learning technology such as Logistic Regression, ANN, CNN, transfer learning on CNN, and LSTM to arrive at our conclusions. We have published analysis-based results from a range of categorization models in the literature. InceptionV3 was trained using a transfer learning technique, which yielded reasonable results when compared with other methods such as LSTM. On the test dataset, the transferring learning technique was about 98.76 percent accurate, while on the train dataset, it was around 99.6 percent accurate. Keywords: Malware, illegal activity, Deep learning, Network Security,

Understanding Deep Learning Architecture to Various Problems of Cyber Security

Traditional machine learning has evolved into deep learning. It's capable of extracting the best feature representation from raw input samples. Intrusion detection, malware classification, Android malware detection, spam and phishing detection, and binary analysis are just a few examples of how this has been used in cyber security. Deep auto encoders, limited Boltzmann machines, recurrent neural networks, generative adversarial networks, and other DL methods are all described in this study in a brief tutorial-style method. After that, we'll go over how each of the DL methods is employed in security applications. Keywords: Machine, Cyber, Security, Architecture, Technology.

Malware Classification Using Static Disassembly and Machine Learning

<div>Network and system security are incredibly critical issues now. Due to the rapid proliferation of malware, traditional analysis methods struggle with enormous samples.</div><div>In this paper, we propose four easy-to-extract and small-scale features, including sizes and permissions of Windows PE sections, content complexity, and import libraries, to classify malware families, and use automatic machine learning to search for the best model and hyper-parameters for each feature and their combinations. Compared with detailed behavior-related features like API sequences, proposed features provide macroscopic information about malware. The analysis is based on static disassembly scripts and hexadecimal machine code. Unlike dynamic behavior analysis, static analysis is resource-efficient and offers complete code coverage, but is vulnerable to code obfuscation and encryption.<br></div><div>The results demonstrate that features which work well in dynamic analysis are not necessarily effective when applied to static analysis. For instance, API 4-grams only achieve 57.96% accuracy and involve a relatively high dimensional feature set (5000 dimensions). In contrast, the novel proposed features together with a classical machine learning algorithm (Random Forest) presents very good accuracy at 99.40% and the feature vector is of much smaller dimension (40 dimensions). We demonstrate the effectiveness of this approach through integration in IDA Pro, which also facilitates the collection of new training samples and subsequent model retraining.<br></div>