Publication:
Performance comparison of visualization-based malware detection and classification techniques

dc.contributor.author: Shah S.S.H. [en_US]
dc.contributor.author: Jamil N. [en_US]
dc.contributor.author: Khan A.U.R. [en_US]
dc.contributor.authorid: 57878344500 [en_US]
dc.contributor.authorid: 36682671900 [en_US]
dc.contributor.authorid: 55602487700 [en_US]
dc.date.accessioned: 2023-05-29T09:38:50Z
dc.date.available: 2023-05-29T09:38:50Z
dc.date.issued: 2022
dc.description: Convolutional neural networks; Deep learning; Learning systems; Malware; Multilayer neural networks; Support vector machines; Visualization; Analysis techniques; Deep learning; Dynamics analysis; Histogram of oriented gradients; Machine-learning; Malware analysis; Malware classifications; Malware detection; Malwares; Memory analysis; Static analysis [en_US]
dc.description.abstract: Cybercriminals use malware or malicious software to cause harm to the victim. Malware is a continuous source of concern for security teams. Malware analysis techniques, including static, dynamic, hybrid, and memory analysis, are used to comprehend the behavior and its impact. The aforementioned malware analysis techniques require domain knowledge to extract the artifacts from suspicious files, which is not always possible. A visualization approach, in which malware files are transformed into images, is one of the recently used techniques by researchers for malware detection and classification. In this paper, we apply four widely used techniques based on the visualization using a new dataset of memory dump files of malware families and benign classes. These visualization techniques include a histogram of oriented gradients (HOG) with multilayer perceptron (MLP), convolutional neural network (CNN) with pretrained weight of visual geometry group 16 (VGG), Transfer learning of VGG16 with support vector machine (SVM), and integration of global image descriptor (GIST) and HOG with SVM. Among the selected techniques, CNN with a pretrained weight of VGG16 outperformed the other techniques in terms of accuracy, precision, recall, and f1-score. Apart from the performance metrics, the results of selected techniques are also analyzed in terms of computational cost and memory utilization. © 2022 IEEE. [en_US]
dc.description.nature: Final [en_US]
dc.identifier.doi: 10.1109/ICET56601.2022.10004652
dc.identifier.epage: 205
dc.identifier.scopus: 2-s2.0-85146882806
dc.identifier.spage: 200
dc.identifier.uri: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85146882806&doi=10.1109%2fICET56601.2022.10004652&partnerID=40&md5=4c170f022d204d258252f539319ec996
dc.identifier.uri: https://irepository.uniten.edu.my/handle/123456789/27028
dc.publisher: Institute of Electrical and Electronics Engineers Inc. [en_US]
dc.source: Scopus
dc.sourcetitle: 2022 17th International Conference on Emerging Technologies, ICET 2022
dc.title: Performance comparison of visualization-based malware detection and classification techniques [en_US]
dc.type: Conference Paper [en_US]
dspace.entity.type: Publication