A few-shot malware classification approach for unknown family recognition using malware feature visualization. Issue 122 (November 2022)
- Record Type:
- Journal Article
- Title:
- A few-shot malware classification approach for unknown family recognition using malware feature visualization. Issue 122 (November 2022)
- Main Title:
- A few-shot malware classification approach for unknown family recognition using malware feature visualization
- Authors:
- Conti, Mauro
Khandhar, Shubham
Vinod, P.
- Abstract:
- With the ever-increasing threat of malware attacks, building an effective malware classifier to detect malware promptly is of utmost importance. Malware visualization approaches and deep learning techniques have proven effective in classifying sophisticated malware from benchmark datasets. A major problem with a traditional deep learning classifier is the need to re-train the classifier when a new malware family emerges. In this paper, we propose few-shot classification techniques which allow us to classify malware based on a few instances and without the need for re-training the classifier for novel malware families. We also propose a novel malware visualization technique that can represent a malware binary as a 3-channel image. We experiment with two distinct few-shot learning architectures, namely CSNN (Convolutional Siamese Neural Network) and Shallow-FS (Shallow Few-Shot). CSNN is more suitable when scarce data is available for training; otherwise Shallow-FS can be used to achieve better performance. Our architectures outperform state-of-the-art few-shot learning approaches and achieve high accuracy in traditional malware classification. Our experiments show our models' ability to classify recent and novel malware families from just a few instances with high accuracy.
- Is Part Of:
- Computers & security. Issue 122(2022)
- Journal:
- Computers & security
- Issue:
- Issue 122(2022)
- Issue Display:
- Volume 122, Issue 122 (2022)
- Year:
- 2022
- Volume:
- 122
- Issue:
- 122
- Issue Sort Value:
- 2022-0122-0122-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-11
- Subjects:
- Malware classification -- Few-shot learning -- Siamese neural networks -- Deep neural networks -- GEM Image -- Malware visualization
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2022.102887
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 23874.xml