Go to OpenReview Public Article ORCID homepageBAOSAML: Behavioral AI-Based Open-Source Architecture for Malware Analysis Using Machine Learning
Abstract: The rapid evolution of cyber threats requires the application of modern malware analysis techniques. Due to the nature of existing methodologies which are not able to support different datasets and often lead to a high false alarm rate, they obstruct cybersecurity efforts. This problem is solved in this study through offering a remedy which is artificial intelligence-based solution toward more effective and faster malware detection. Using various advanced machine learning models including convolutional neural networks (CNNs), long short-term memory (LSTM) networksm and Markov Chain processes is the procedure followed in this work. Due to the ability to transform large volumes of data into recognition of patterns, CNNs were chosen, whereas LSTMs provide a better glimpse at the chronology of events which is quite common in malware research. Also, feature engineering and feature selection techniques are employed such as principal component analysis standards for data reduction processing and t-Distributed Stochastic Neighbor Embedding for high-dimensionality data visualization. To improve behavioral analysis, we use sequence analysis methods and anomaly detection algorithms like Markov Chains and isolation forest that are used to mimic the behavior of malware and detect unusual patterns. Using a variety of benchmark datasets to evaluate our experiments, we provide evidence that our system is superior to all existing systems. Performance measures have shown great improvement with this success.
External IDs:doi:10.1007/978-981-96-2703-5_37
Loading