Malware Classification Method Based on Dynamic Features with Sensitive Behaviors

Published: 01 Jan 2024, Last Modified: 25 Jul 2025, SMC 2024, CC BY-SA 4.0
Abstract: Traditional malware classification methods often just scratch the surface by analyzing the sequence of system commands (API calls) used by malware during its operation. These approaches miss out on deeper, complex behaviors that could significantly enhance accuracy in identifying different malware types. To address this, we introduce SenBeMC, a method that delves deeper into the behaviors exhibited by malware. SenBeMC combines API call information vectors with behavioral information to enhance the deep semantic information of input features, enriching the hierarchical structure of feature representation. SenBeMC stands out by employing soft thresholding and attention mechanisms to sift through the noise (extraneous information that can mask the malware's true nature), and a BiLSTM model that excels in understanding the sequence and timing of actions, crucial for spotting sophisticated threats. Experimental evaluations on real-world datasets affirm that SenBeMC effectively improves feature representation and accuracy of malware classification when compared to other contemporary state-of-the-art models.