Static malware clustering using enhanced deep embedding method. (16th April 2019)
- Record Type:
- Journal Article
- Title:
- Static malware clustering using enhanced deep embedding method. (16th April 2019)
- Main Title:
- Static malware clustering using enhanced deep embedding method
- Authors:
- Ng, Chee Keong
Jiang, Frank
Zhang, Leo Yu
Zhou, Wanlei
- Other Names:
- Wyrzykowski Roman guestEditor.
Szymanski Boleslaw guestEditor.
Pan Lei guestEditor.
Zhang Jun guestEditor.
Oliver Jonathan guestEditor.
- Abstract:
- Summary: Malware refers to any software, programs, or files that are intentionally utilised to compromise the system and cause unexpected losses to end‐users such as economical losses or privacy breaches. The rapid growth of malware makes it impossible to keep up with its progress merely via human interventions or manual analysis. One of the challenges for the human‐oriented approaches is they will cause backlog and inability to keep up with the development traces of the malware. Hence, an efficient method is needed urgently to analyse effectively and identify accurately the malware in their domain. Malware clustering has been extensively studied in the machine learning area with regards to distance functions, grouping algorithm and cluster validation. A large number of research studies have been done via behavioral analysis for clustering to achieve high performance of malware detections. However, there is a trade‐off for better detection performance between behavioral approaches and high computational forces. Up to date, little work focuses on the deep learning representations for malware clustering. Therefore, in this paper, we propose an enhanced deep embedded clustering method to facilitate an effective and efficient malware clustering process. The new method takes advantage of linear dimensionality reduction and a customised deep neural network to learn malware representations in an orthogonal space and performs cluster assignments. Our experimental results demonstrate that the proposed clustering model outperforms the traditional K‐means method with regards to the enhanced features using various auto‐encoder, pre‐trained weight and principal component analysis (PCA).
- Is Part Of:
- Concurrency and computation. Volume 31:Number 19(2019)
- Journal:
- Concurrency and computation
- Issue:
- Volume 31:Number 19(2019)
- Issue Display:
- Volume 31, Issue 19 (2019)
- Year:
- 2019
- Volume:
- 31
- Issue:
- 19
- Issue Sort Value:
- 2019-0031-0019-0000
- Page Start:
- n/a
- Page End:
- n/a
- Publication Date:
- 2019-04-16
- Subjects:
- deep learning -- malware clustering -- machine learning
Parallel processing (Electronic computers) -- Periodicals
Parallel computers -- Periodicals
004.35
- Journal URLs:
- http://onlinelibrary.wiley.com/
- DOI:
- 10.1002/cpe.5234
- Languages:
- English
- ISSNs:
- 1532-0626
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3405.622000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store
- Ingest File:
- 11716.xml