Computer Science ›› 2024, Vol. 51 ›› Issue (11A): 240200098-7. doi: 10.11896/jsjkx.240200098

• Information Security •

Multimodal Fusion Based Dynamic Malware Detection

LI Jianqiu1, LIU Wanping1, HUANG Dong2, ZHANG Qiong3   

  1 College of Computer Science and Engineering, Chongqing University of Technology, Chongqing 400054, China
  2 Key Laboratory of Advanced Manufacturing Technology of the Ministry of Education, Guizhou University, Guiyang 550025, China
  3 Information Center, Chongqing Vocational and Technical University of Mechatronics, Chongqing 402760, China
  • Online: 2024-11-16 Published: 2024-11-13
  • About author: LI Jianqiu, born in 1997, postgraduate, is a member of CCF (No. R6779G). His research interest is malware detection.
    LIU Wanping, born in 1986, Ph.D., associate professor, master supervisor, is a member of CCF (No. 43152M). His main research interests include network and information security.
  • Supported by:
    Natural Science Foundation of Chongqing, China (cstc2021jcyj-msxmX0594).

Abstract: In recent years, the number of new types of malware has been increasing rapidly, and traditional signature-based malware detection methods are ineffective in the face of these emerging threats. Therefore, there is an urgent need to develop new detection methods. As a solution, a novel approach based on multimodal dynamic malware detection is proposed. The method uses API call sequences as features, maps these API features into multimodal information, and employs two distinct neural network models to process the multimodal information and obtain the detection result. Tested on multiple public datasets, the proposed method achieves a detection accuracy of up to 99.98%. Experiments demonstrate that the proposed method exhibits high accuracy and generalization capability. Because the method does not require any disassembly operations, it can detect malware that uses packing techniques, which enhances the robustness of the detection method.

Key words: Malware detection, Multimodal fusion, Deep learning

CLC Number: TP309.5